held24.ch Open in urlscan Pro
167.86.103.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://held24.ch/
Submission: On December 26 via api (December 26th 2023, 7:05:07 am UTC) from CH — Scanned from CH

Summary HTTP 351 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 37 IPs in 12 countries across 46 domains to perform 351 HTTP transactions. The main IP is 167.86.103.144, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is held24.ch.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.

This is the only time held24.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
55	167.86.103.144 167.86.103.144	51167 (CONTABO) (CONTABO)
5	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
45	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	52.50.148.141 52.50.148.141	16509 (AMAZON-02) (AMAZON-02)
26	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
39	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
9 37	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
6 12	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 8	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
48	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:aac8:1b9f:b7f8:fd94	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
2	34.160.236.64 34.160.236.64	15169 (GOOGLE) (GOOGLE)
3 3	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3 3	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
4 4	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1 1	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	54.211.244.166 54.211.244.166	14618 (AMAZON-AES) (AMAZON-AES)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
3 3	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
2 2	3.76.149.124 3.76.149.124	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400a:8::a	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
3 6	23.192.250.178 23.192.250.178	16625 (AKAMAI-AS) (AKAMAI-AS)
6	51.83.212.112 51.83.212.112	16276 (OVH) (OVH)
1	87.118.116.9 87.118.116.9	31103 (KEYWEB-AS) (KEYWEB-AS)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
3	54.37.204.178 54.37.204.178	16276 (OVH) (OVH)
351	37

55 167.86.103.144 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi525362.contaboserver.net

held24.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.148.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-148-141.eu-west-1.compute.amazonaws.com

t.mindtake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 142.250.185.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.151.101 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.134 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:aac8:1b9f:b7f8:fd94 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.254 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 174.137.133.49 (United States) 3 redirects

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.131 (United States) 3 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:fa8:8806:13::1370 (Singapore) 4 redirects

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.244.166 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-244-166.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.236 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.76.149.124 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-149-124.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 98.98.134.241 (United States) 2 redirects

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400a:8::a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

r5---sn-1gieen7e.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.192.250.178 (Düsseldorf, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-250-178.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.83.212.112 (France)

ASN16276 (OVH, FR)
PTR: ip112.ip-51-83-212.eu

trck.trendtours.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.37.204.178 (France)

ASN16276 (OVH, FR)
PTR: 178.ip-54-37-204.eu

ht.uppr.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 ade.googlesyndication.com — Cisco Umbrella Rank: 293	659 KB
69	doubleclick.net 13 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	232 KB
56	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25796 ad4m.at — Cisco Umbrella Rank: 11359 assets.ad4m.at — Cisco Umbrella Rank: 35458	666 KB
55	held24.ch held24.ch	570 KB
43	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 300 gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r5---sn-1gieen7e.c.2mdn.net — Cisco Umbrella Rank: 843092	2 MB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	7 KB
8	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 192580 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 145563	3 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	451 KB
6	trendtours.de trck.trendtours.de	4 KB
6	awin1.com 3 redirects www.awin1.com — Cisco Umbrella Rank: 13930	4 KB
6	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	11 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
4	dotomi.com 4 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	2 KB
4	gstatic.com fonts.gstatic.com	717 KB
3	uppr.de ht.uppr.de — Cisco Umbrella Rank: 143474	618 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	979 B
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 27586	1 KB
3	rfihub.com 3 redirects a.rfihub.com — Cisco Umbrella Rank: 2935	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 681	998 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	653 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	e-volution.ai 2 redirects rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8960	968 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1226	298 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
2	mindtake.com t.mindtake.com — Cisco Umbrella Rank: 114079	763 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2814 pixel.wp.com — Cisco Umbrella Rank: 2796	3 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	139 KB
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 97477	549 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1072	675 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1209	684 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	388 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 702	1 KB
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 9014	291 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	554 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	610 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7973	489 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327	776 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	540 B
1	w.org s.w.org — Cisco Umbrella Rank: 3043	761 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	2 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
351	46

	Domain	Requested by
55	held24.ch	held24.ch
45	pagead2.googlesyndication.com	held24.ch pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
39	s0.2mdn.net	held24.ch s0.2mdn.net googleads.g.doubleclick.net
37	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
26	tpc.googlesyndication.com	held24.ch tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net pagead2.googlesyndication.com
24	assets.ad4m.at	as.ad4m.at
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com held24.ch googleads.g.doubleclick.net
16	ad4m.at	as.ad4m.at ad4m.at
16	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
8	ad.doubleclick.net	4 redirects held24.ch as.ad4m.at
7	www.googletagservices.com	held24.ch googleads.g.doubleclick.net
6	trck.trendtours.de	as.ad4m.at trck.trendtours.de
6	www.awin1.com	3 redirects as.ad4m.at
5	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.googleapis.com	held24.ch pagead2.googlesyndication.com
4	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
4	static-de.ad4mat.net	as.ad4m.at
4	googleads4.g.doubleclick.net	held24.ch
4	dclk-match.dotomi.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
3	ht.uppr.de	as.ad4m.at trck.trendtours.de
3	pv.medialead.de	as.ad4m.at
3	sync.gonet-ads.com	3 redirects
3	a.rfihub.com	3 redirects
2	ade.googlesyndication.com
2	r5---sn-1gieen7e.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	pm.w55c.net	2 redirects
2	d5p.de17a.com	2 redirects
2	rtb2-useast.e-volution.ai	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	t.mindtake.com	held24.ch
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	held24.ch www.googletagmanager.com
1	banner.congstar.de	as.ad4m.at
1	t.adx.opera.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	dsp.adkernel.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
1	s.w.org	held24.ch
1	region1.google-analytics.com	www.googletagmanager.com
1	pixel.wp.com	held24.ch
1	cdnjs.cloudflare.com	held24.ch
1	stats.wp.com	held24.ch
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
351	61

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
plus.google.com
www.pinterest.com
www.youtube.com
nakigmbh.ch
mysterythemes.com

Subject Issuer	Validity	Valid
held24.ch R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.mindtake.com Amazon RSA 2048 M01	`2023-03-21` - `2024-04-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
ad4mat.net GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-11-21` - `2024-02-19`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
trck.trendtours.de R3	`2023-12-14` - `2024-03-13`	3 months	crt.sh
ht.uppr.de R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh

This page contains 52 frames:

Primary Page: https://held24.ch/
Frame ID: 54DF49A5AD5CBCA9C1A358805DDD8095
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 6EB8460BB6AD78DCB7C6972741CC4A0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&adk=1812271804&adf=3025194257&lmt=1703574301&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574300764&bpp=2&bdt=335&idt=301&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1544876262172&frm=20&pv=2&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=322
Frame ID: 678BB3C63F330D6AD123F219595B857A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=1403818051&adf=3784560394&pi=t.aa~a.508635323~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=363x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=75
Frame ID: 3660879DF04EF56BE47A5F9B3D836061
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=3303847354&adf=1582290432&pi=t.aa~a.1227727605~rp.4&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280&nras=3&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=101
Frame ID: 1C5C4F8E50D1DD8043ABE8EC04DB3097
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=280808517&adf=501350246&pi=t.aa~a.3437311115~rp.3&w=384&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=384x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280&nras=4&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=615&ady=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=111
Frame ID: 142C69A3B0CE2FB1D0B830171857A97C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=250&adk=1035717735&adf=2321017761&pi=t.aa~a.374586502~rp.2&w=321&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=321x250&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280&nras=5&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1043&ady=1999&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=114
Frame ID: 411CBE278D2D94C17B93A1759D1D58BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=2492854786&adf=113491572&pi=t.aa~a.4074808907~rp.1&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280%2C321x250&nras=6&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=117
Frame ID: C9035FAF63CF9BB2D5843A085D476EFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=200&adk=3264140195&adf=696333606&pi=t.aa~a.3174712542~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=363x200&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280%2C321x250%2C376x280&nras=7&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=119
Frame ID: 255F37A246F03D7558C02503ADE68A2E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 627B019E5AE3A309AE6AA543E0EC7E4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 32022D3F50C26767589A67C51F808D83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 05FBE188B9C983A7C38181CA4FFA1842
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVn75_xxn7qxFUoU1afowM-wttb2KHdhg7wbD-UlmwdRxMWwj3fQSMdbvIV3VkS6rR6p1F7eGAmputGo0xXfTYwH9jhgw
Frame ID: 19B479DF5A226F19D8A60D16DCCFF8E3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 9982BB1D6592D6738B555EAD5A864B01
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVb28v9NMdGhlV3HhkW-BCrhCz15daJzMmaqOBu-3oiI6ftrik7shjt6aS-QpRAMJq5z8E4mB4kmoGTCCTUM2Zy7W-JAw
Frame ID: A5026C608263F5A7F2AEBBDAC39BF7A0
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 83E6D881B8B9D67241E0EB0724FE7CA7
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiXoL_lATAB&v=APEucNWYfAlq1-5tCLgn3d26tSbDv071a6IjtwZj1qA17_Y-42pwgkxRkrNs136OJ2XDNSd-i5nOG6MOClq1tTOLseVtUp9ZVw
Frame ID: 273FECBE83F2B86B3C490E845E48C612
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: B50E842DF8E39E4BB44A489EC8DAC9E6
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7E94D4575840CA200446C5EDF92F16DF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250
Frame ID: 902DA6131EFB0B9BA84FDCB98ADF511D
Requests: 32 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jfes3zj08e34e8seenyed041y90j7ds1kzcdsn320gabjjmerqq742ydtg7jvkwtehmd6q51pexd8cgp3dta1ax6c98k6ggvgmwnfznjecw281qgt9sktd4hqa808z4zm75pcvnk23ncrqwg689rzandn38agg7q1vdvnv6e1s788dty839we4bg4mcpbqwqhpgvnkvj4c1sgqd622182h55rcfvewhfpvdp5htt69j7w89yhsy2znyqec6z72kajvrftrb0nvj4hbzmjjhbh97k6n815c35w5r90n6p4qhmshcgz1n1t4mekp99k438k7n8yc692nd0wewerh5desfcmqff884tn72km27p9069qagd74kp4hx6bxk0bz62vms6rqzw0jtd5r30tp8ckqh4wq6v1888dhjcapms8v21ndqj568904b0hsq63m31d2crsc62g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%26client%3Dca-pub-4525684120003226%26adurl%3D
Frame ID: 27C37EE6B46B5CAC0F25DE0B968A9E85
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: 29DA18620F6FDE2A11748F3D99A647E0
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D681431780263390B5BC35C512BE2A2E
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1khbc6085qxqbyvwghymzsnypth0t07c1n6qqtyvrdd632acmfej4dk060c6584bskfyzq59y7z7epetbne0rs27wke4q3cqnxqtyy63fk1jtbc27czntrnfrdfw5qp3ec1v2ta75q4n7k9xen6s9614qn97m1vj5xyky068v6e4w5jwv3p9aesbd6fwreav5kwb2k4tsta93zzg3n8br2j2kkd9jhnv3pwpp01zabheqemv5azq6t6p6rd1c049a02by572djekkjzc9x1apffh4ewzc107gdzwxch8gr7nef73qvvgs6mss3w8panwfgh84yv4zk5zd61w3f5gxemc0ax3vktanz6a2hky44w5aky0km9a37vt0gdw9531cpe4nka5ay6vh45tqp68ck5w4j3m8rzgrk4ndxj4fygssmg1snfk2hqk0bmtbaa41h8rt9eftr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%26client%3Dca-pub-4525684120003226%26adurl%3D
Frame ID: 7C156BC94A62A8F163ECFC95B7A7371E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: B8D109F14C0EE1B9E53B2E4DC423DD8B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4E28F842EFDF88CE1D2EDD6F74943E91
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gjdpfkd8nhgsgygpp1t0gsacyjt6hyafpmbrgngq1mdb191bnatg8bew0v5rdzpv3cpxpzww8kg6nh10zvh2t01w8vy7b2n65bnan4t9j292m4zq3qy1ytqyecm6sy5cx6cmzvedw4r3n7frbjwr0htw6pnew5cem2xefv9vxdknx1f1y4nyaxcxcrndmj3jrs9v98hwh8ys9qj43njasdq5ykd1vgmm147s3740akbm4pa08cmter508v8s733sw02ckmpazeykj66r7szae7nxdfjftsnd0d5b2wd4w58mpbczeyrb3dd07g7hy8x46xecw97v6x3ggdx1ep8nk11nqqytqfw04qgdmaw5xfxya9ft9x1gzamcybaww97eqrfyyenfhkxbv48s6dege7x8je2mgs9n62cqzeawje2abetyr3yhfepe7asd95zfg345hzp7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%26client%3Dca-pub-4525684120003226%26adurl%3D
Frame ID: 32C9C0EFB2A5022F2DF59A2C884D58DB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: A7DA0C6321959B4BD357B06085CACCE2
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C9016D9F789B2EF443C65465E539200E
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1jc0ngz3as7czqwbh3vdamdaewqy7a0j18tn7yw44dpsrtr8b2zb1snye9h2582g3emgxx0das00spr7a0yekq010yzjxq1bbrjbfdyfyb1dmr17q2t7712j1rgambpnfxx37sarkx8x7z1zmfjrrrx988mbz6hq7fv8v5angzzch9k6wsmnv9vrmfb0gaay55e8txc2k7350pwje03m20jt4b81dzepa75fj1cfd8q6yrhzxvw6n6jtpsdwjsk5fy0k89622b80gf1t36cq2qdb8be76kee6m1d6qctyx3fbxmafsys3j3dvb2k6zhnref8awx0kr9pntej37pprk19nem1j08hjev5fh8a2hntdzeqgpkdctswpsfebt6am4j530g715r5607py271d4n5byx74ms5h25wz40y14mzedzmdxj69yme98r9w45n8tec68cfyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%26client%3Dca-pub-4525684120003226%26adurl%3D
Frame ID: CC0E04FD49986B957C3C49D8DC867F5C
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Frame ID: 9E1ADBC158150357DDB909073B7609A4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8CD47F0346238EE12847841A346C2F60
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8512166502049628260/index.html?e=69&leftOffset=0&topOffset=0&c=Qzh5vFBy6C&t=1&renderingType=2&ev=01_250
Frame ID: 4BBFDF27805A9EAB5F8AEE508C963D3E
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 202D65C0614900621A0188FA0AE21790
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A414558A70C8AD6EBDFF43D8A08452B9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8512166502049628260/index.html?e=69&leftOffset=0&topOffset=0&c=PqkQDIZN2x&t=1&renderingType=2&ev=01_250
Frame ID: 4347925970596D5A61F91AAD6917BCCF
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 83B4805B59AF40C73C82AFFB7B3487E0
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: C7E588347643936E2D66496A9255D44C
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: C3E8B57B2C4E328903E2DEAB4B6A1046
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 0EEAF5D19F292D9050F28595577CD065
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: B60BEDD88D8C2E24960503CBB5DB8D6E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 5111D154DD7DCED115B07A302268364D
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Frame ID: 7DE6289F1DCEE975743D3A47C28187F5
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 3A37F8F91C243E9CC20257A703D7DEDA
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Frame ID: 4A80353FFE0894FC3B5A623BB2668E18
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Frame ID: D09D082991A7799BDC2E41573ED4B7D7
Requests: 12 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Frame ID: E1B98A3742394E5953E7BB053F047961
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 04AB91DBAEA6B9B05B8E9DCC5FEB783E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 728BCA5E0D3C10ADA85DA9104F301ECA
Requests: 2 HTTP requests in this frame

Frame: https://trck.trendtours.de/trck/htlp/htlp.html?utm_medium=affiliate&campaign_id=165&pvid=658a7b1eb3766501af9f451f&gdpr=0&gdpr_consent=&gdpr_pd=0
Frame ID: 1DE49B77F6834F8D8417DA9F41B9C019
Requests: 1 HTTP requests in this frame

Frame: https://trck.trendtours.de/trck/htlp/htlp.html?utm_medium=affiliate&campaign_id=165&pvid=658a7b1eb3766501af9f451d&gdpr=0&gdpr_consent=&gdpr_pd=0
Frame ID: 3776985E889575E5D595F7FDEC989867
Requests: 1 HTTP requests in this frame

Frame: https://trck.trendtours.de/trck/htlp/htlp.html?utm_medium=affiliate&campaign_id=165&pvid=658a7b1eb3766501af9f451b&gdpr=0&gdpr_consent=&gdpr_pd=0
Frame ID: BE18B0ABD79ED2A623DFB6C9BDB6DAC0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Held24

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

351
Requests

89 %
HTTPS

42 %
IPv6

46
Domains

61
Subdomains

37
IPs

12
Countries

5804 kB
Transfer

11587 kB
Size

59
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/mysterythemes/

Search URL Search Domain Scan URL

URL: https://twitter.com/mystery_themes

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/mysterythemes

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/115111659652623704481

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/mysterythemes

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCnGp3UHMB4DH8W_KmSmrCEw

Search URL Search Domain Scan URL

URL: http://nakigmbh.ch/

Search URL Search Domain Scan URL

URL: https://nakigmbh.ch/

Search URL Search Domain Scan URL

URL: https://mysterythemes.com/
Title: Mystery Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYp7HWnFd23V9YzuJlda9gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1

Request Chain 116

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYp7HRUuvDYxbh-dirAr4QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYp7HdbmOd3AM8hU755jGAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1

Request Chain 184

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPJIUEyzLR4kZQ3axh6WSZs&google_cver=1&google_push=AXcoOmRdvnPVkBuhRzRBbcG-OksXBQ6EEC4jEVXy3goTJuqengwO9m7BDu48JH-qaZm67G_srjWmL_TOUm6IoLpe15O7anb2PWY88kU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPJIUEyzLR4kZQ3axh6WSZs&google_push=AXcoOmRdvnPVkBuhRzRBbcG-OksXBQ6EEC4jEVXy3goTJuqengwO9m7BDu48JH-qaZm67G_srjWmL_TOUm6IoLpe15O7anb2PWY88kU

Request Chain 185

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEMM29nOFynNPduEFvPVIvCI&google_cver=1&google_push=AXcoOmS_kXlqPjJI-mDybN-pgZSSGcbwWgfQ0Wjc21aPGJ5J7tWCY3yce4Qg7B_dvVlEw7HTfZ53iRHTjY-zyP0Jifg-UxMbsGvTJkM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS_kXlqPjJI-mDybN-pgZSSGcbwWgfQ0Wjc21aPGJ5J7tWCY3yce4Qg7B_dvVlEw7HTfZ53iRHTjY-zyP0Jifg-UxMbsGvTJkM

Request Chain 186

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPocpA1QHXArspNnMvw8V7M&google_cver=1&google_push=AXcoOmQNsiFCfGayGoWBYt3Zm3PPTVKke1e7s2iuWo7io6M5l5vfC_186TpUIHH3pBFJofCNwL0iFJsOsAQYSVQnTI1vbLSJZRU-PA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQNsiFCfGayGoWBYt3Zm3PPTVKke1e7s2iuWo7io6M5l5vfC_186TpUIHH3pBFJofCNwL0iFJsOsAQYSVQnTI1vbLSJZRU-PA&google_hm=eS1UTXpjTXRKRTJwR0taSW5ZbXEwdm5BZlBZbGd1c2pYMX5B

Request Chain 187

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOZrEoZivwZpWDyE9YqpuV4&google_cver=1&google_push=AXcoOmSKFgHtDH_-igINyM14UAASSYDp6iTTQPGyMJs6vIgsZwcHzZm1OsncUUGHqJhiK6FlzgiF7zKkn-1LGsvoS4FO_ZSf9a8_j44 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOZrEoZivwZpWDyE9YqpuV4&google_cver=1&google_push=AXcoOmSKFgHtDH_-igINyM14UAASSYDp6iTTQPGyMJs6vIgsZwcHzZm1OsncUUGHqJhiK6FlzgiF7zKkn-1LGsvoS4FO_ZSf9a8_j44 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxODM0NzkxODgxMTY3NzM2NQ&google_push=AXcoOmSKFgHtDH_-igINyM14UAASSYDp6iTTQPGyMJs6vIgsZwcHzZm1OsncUUGHqJhiK6FlzgiF7zKkn-1LGsvoS4FO_ZSf9a8_j44

Request Chain 189

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENpscrN79pYtRXVYzN7FaLE&google_cver=1&google_push=AXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8XuRpitaUErqYQfPVKPeqW341eKEOVfS5HABmi0Q0ReSJVtsIekImW4 HTTP 302
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESENpscrN79pYtRXVYzN7FaLE%26google_cver%3D1%26google_push%3DAXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8XuRpitaUErqYQfPVKPeqW341eKEOVfS5HABmi0Q0ReSJVtsIekImW4 HTTP 302
https://rtb2-useast.e-volution.ai/sync?adkuid=A5513383713192395317&exchange=193&google_gid=CAESENpscrN79pYtRXVYzN7FaLE&google_cver=1&google_push=AXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8XuRpitaUErqYQfPVKPeqW341eKEOVfS5HABmi0Q0ReSJVtsIekImW4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU1MTMzODM3MTMxOTIzOTUzMTc&google_push=AXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8XuRpitaUErqYQfPVKPeqW341eKEOVfS5HABmi0Q0ReSJVtsIekImW4

Request Chain 190

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDBzw_L-4IWhyxs74cdfpF4&google_cver=1&google_push=AXcoOmQv2Rt2A020ydyPNtNCHKvjU1qx0_lk-xK3ORp6NQHwIA-v3vUzOtowPkC70irDhtlHJ5EWgfij6fjxuGLaKL_ydIGGkY9XLHqK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQv2Rt2A020ydyPNtNCHKvjU1qx0_lk-xK3ORp6NQHwIA-v3vUzOtowPkC70irDhtlHJ5EWgfij6fjxuGLaKL_ydIGGkY9XLHqK&google_hm=MTI3NDE1MTcxNDY2MTY3MzQzMw==

Request Chain 196

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOUt39Olqt5ba3NR3VQ0Rds&google_cver=1&google_push=AXcoOmQz41eiEAqQCNyFDHAGyhe4ZWH0a2E-SO2Q2JDGFrzobcZjQ7srWUwe4iDptMbkNMAOX5eFAXiFxDYtvYIoQKZ-etYlFxaVLM3f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQwMzk0NTI4ODMxMzU4MzkxNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKvXpO9HmuAykr7744gT6Vo&google_cver=1

Request Chain 197

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOY2KP09KrJPnCUoleg3ND4&google_cver=1&google_push=AXcoOmTB_UHbE7DWFxdMSQXXP9gDprl0gmzhO-fBlkMDtqVSi18ImXjZgoNbNQh9K-UhK-y8cnWM8pJuvhTMoNtFayhByQYAnZswktyB HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=101bb70cbc1915b6&is_secure=true&networkId=14000&version=1&google_gid=CAESEOY2KP09KrJPnCUoleg3ND4&google_cver=1&google_push=AXcoOmTB_UHbE7DWFxdMSQXXP9gDprl0gmzhO-fBlkMDtqVSi18ImXjZgoNbNQh9K-UhK-y8cnWM8pJuvhTMoNtFayhByQYAnZswktyB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIBSOwfVV8-ANftjcLAAAAAAA&expiration=1703660702&google_cver=1&is_secure=true&google_gid=CAESEOY2KP09KrJPnCUoleg3ND4&google_push=AXcoOmTB_UHbE7DWFxdMSQXXP9gDprl0gmzhO-fBlkMDtqVSi18ImXjZgoNbNQh9K-UhK-y8cnWM8pJuvhTMoNtFayhByQYAnZswktyB

Request Chain 198

https://a.tribalfusion.com/i.match?p=b6&u=CAESENZnxB9Fnl7_pfsznAQarCA&google_cver=1&google_push=AXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUgS25&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUgS25%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENZnxB9Fnl7_pfsznAQarCA&google_cver=1&google_push=AXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUgS25&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUgS25%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 199

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAfjJM29zdWKWyuK70syXMY&google_cver=1&google_push=AXcoOmTKNM7w62QNtS-nTO66NUu08w3AHH54U4bB0GrqvHAurezPWat8W_wYgjRf-RGNLjieBhLsvolLlTQJ3C_ax_de6MdpJ37ZCgy- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTKNM7w62QNtS-nTO66NUu08w3AHH54U4bB0GrqvHAurezPWat8W_wYgjRf-RGNLjieBhLsvolLlTQJ3C_ax_de6MdpJ37ZCgy-&google_hm=foyHsditQPelcdw3cl7OflY

Request Chain 200

https://ads.travelaudience.com/google_pixel?google_gid=CAESENQlv-NRUEdNnZMhhKVl4f0&google_cver=1&google_push=AXcoOmRhP4jgs8G2Kahmnxj4XMv6qWF-jir-kfD78fhRO6o2N7tUSjXd3j0luevHZQsGnhCt1Mu5tSojW1EtW63kOH6K6OTrwiqkM1o HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=D-LGv9OTTAUKezx0cvV2Cw&google_push=AXcoOmRhP4jgs8G2Kahmnxj4XMv6qWF-jir-kfD78fhRO6o2N7tUSjXd3j0luevHZQsGnhCt1Mu5tSojW1EtW63kOH6K6OTrwiqkM1o

Request Chain 201

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI_QwPvc_MFfT64YiGsiaOA&google_cver=1&google_push=AXcoOmSAKHg5kNHePw8DfcGXpvjZpUEcCa2C4Su8sPEe21AGgBfSRBqy7PS-1s7vUgD15KaWOjwumDIfT1_HCgR6F4bS58kYoElIMcKh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSAKHg5kNHePw8DfcGXpvjZpUEcCa2C4Su8sPEe21AGgBfSRBqy7PS-1s7vUgD15KaWOjwumDIfT1_HCgR6F4bS58kYoElIMcKh&google_hm=eS1EcmJNbEo5RTJwRl9VRjRNVm9XTHYua2lXSDRLV3BGUn5B

Request Chain 202

https://d5p.de17a.com/cookies/google?google_gid=CAESEIwi0K8A6RJifYgCMPGJv14&google_cver=1&google_push=AXcoOmSIfF4dk9M2x4DjTaTAErPMETcIz0iY47FInEB-_EXwdyU9_wcZqDQ8zMznP1MY8PZcl_CYR7a8gh_8NluwPyAPqTwWhDXLzU8 HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIwi0K8A6RJifYgCMPGJv14&google_cver=1&google_push=AXcoOmSIfF4dk9M2x4DjTaTAErPMETcIz0iY47FInEB-_EXwdyU9_wcZqDQ8zMznP1MY8PZcl_CYR7a8gh_8NluwPyAPqTwWhDXLzU8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSIfF4dk9M2x4DjTaTAErPMETcIz0iY47FInEB-_EXwdyU9_wcZqDQ8zMznP1MY8PZcl_CYR7a8gh_8NluwPyAPqTwWhDXLzU8

Request Chain 207

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBERBkKURYC2XSIhUjjCFLY&google_cver=1&google_push=AXcoOmROF-qoLuArl4O05TXY1cMhs5Y6zs7Vmxr7d3diqrSvVYKrHJB1nIMR1swwDWY0J6Vs9NKIAx0KN1i6TSNvu_4V8enkca7hIA HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=27634bfc96b185a&is_secure=true&networkId=14000&version=1&google_gid=CAESEBERBkKURYC2XSIhUjjCFLY&google_cver=1&google_push=AXcoOmROF-qoLuArl4O05TXY1cMhs5Y6zs7Vmxr7d3diqrSvVYKrHJB1nIMR1swwDWY0J6Vs9NKIAx0KN1i6TSNvu_4V8enkca7hIA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHtp_bSrKqzQM_AhNKAAAAAAA&expiration=1703660702&google_cver=1&is_secure=true&google_gid=CAESEBERBkKURYC2XSIhUjjCFLY&google_push=AXcoOmROF-qoLuArl4O05TXY1cMhs5Y6zs7Vmxr7d3diqrSvVYKrHJB1nIMR1swwDWY0J6Vs9NKIAx0KN1i6TSNvu_4V8enkca7hIA

Request Chain 209

https://s.uuidksinc.net/match/47/?remote_uid=CAESECSg-PRl7XXVfWhkJw10iPo&c_param1=AXcoOmRviizOGrblUNTkg_xC3JyE8NzUKP_JknDKWcLpiYrfEs8BOSnEB1c9KxCsWkgsGj6adAPTs0eoC5NkqEt8ic5cLO9DwOqhmVE&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRviizOGrblUNTkg_xC3JyE8NzUKP_JknDKWcLpiYrfEs8BOSnEB1c9KxCsWkgsGj6adAPTs0eoC5NkqEt8ic5cLO9DwOqhmVE

Request Chain 210

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJ_At6h-rlp5VZ0Rx3stmfM&google_cver=1&google_push=AXcoOmQYVFnfooHb9oFGEieDCWAlwHjdgxsn1PONcMOk_1zYoNg8derg9nLIdHW_qNQp6LXfFganpU_Puw9meVAxqowf6EWDpvTkzzY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=hyPmtSl3USlcCUjwoPcKO5VYG1Y&google_push=AXcoOmQYVFnfooHb9oFGEieDCWAlwHjdgxsn1PONcMOk_1zYoNg8derg9nLIdHW_qNQp6LXfFganpU_Puw9meVAxqowf6EWDpvTkzzY

Request Chain 211

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPVP4HmGzTgpAIGAN7nqFs8&google_cver=1&google_push=AXcoOmQH2n4YbiZre5B3CTpbnOzpyuKqbkhL2r8aW0m_Ibdhg77ON7qRK420kXg95l72s8GNuXzu6UfM1pQBGvTMSA59Ry4-hwBXp3w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQH2n4YbiZre5B3CTpbnOzpyuKqbkhL2r8aW0m_Ibdhg77ON7qRK420kXg95l72s8GNuXzu6UfM1pQBGvTMSA59Ry4-hwBXp3w

Request Chain 212

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEInyuGHKLvcQvC2H1s3w-yM&google_cver=1&google_push=AXcoOmTZHBTSdzzGbkKrS-Cb7FyB0ZLTnikhLnQZDHQYLkwBdNReUQ8hjvfSYVtyrbofP5JNi4xaEdFjxrAqFT_Pp56CvngrLsp1euM2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTZHBTSdzzGbkKrS-Cb7FyB0ZLTnikhLnQZDHQYLkwBdNReUQ8hjvfSYVtyrbofP5JNi4xaEdFjxrAqFT_Pp56CvngrLsp1euM2&google_hm=MzYyMjIzODI1NjEyNDk3MTEyNw==

Request Chain 213

https://sync.gonet-ads.com/match/google?google_gid=CAESEO0mI8EalXuLnjmPFb4I4S8&google_cver=1&google_push=AXcoOmR8krz-t20fu_sySdDqyr1MDfpIx1ynzTl5HgmBjLXDw7teTcYzAh1-BPDQk9CHsJTj_2EIn72YtQNmWjDD6o6BYtm8LlBWmdw HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEO0mI8EalXuLnjmPFb4I4S8&google_cver=1&google_push=AXcoOmR8krz-t20fu_sySdDqyr1MDfpIx1ynzTl5HgmBjLXDw7teTcYzAh1-BPDQk9CHsJTj_2EIn72YtQNmWjDD6o6BYtm8LlBWmdw&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmQ2Y2U1N2EwYzYxYWE0Mg&google_push=AXcoOmR8krz-t20fu_sySdDqyr1MDfpIx1ynzTl5HgmBjLXDw7teTcYzAh1-BPDQk9CHsJTj_2EIn72YtQNmWjDD6o6BYtm8LlBWmdw HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmQ2Y2U1N2EwYzYxYWE0Mg&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 218

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHuttdUOrIfvh22ICGwUL1A&google_cver=1&google_push=AXcoOmQDfCV5tmZSSywbPgzfknrpI2vk6jJnGw1eF3RWqGR2CvuNJgNi-A4LbNDmOJL-QY9pL_5oRAdE5xOG0sR5KfktBFla3b_0I0g HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHuttdUOrIfvh22ICGwUL1A&google_cver=1&google_push=AXcoOmQDfCV5tmZSSywbPgzfknrpI2vk6jJnGw1eF3RWqGR2CvuNJgNi-A4LbNDmOJL-QY9pL_5oRAdE5xOG0sR5KfktBFla3b_0I0g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWtMVUM4R1kxUmkxdVM1&google_gid=CAESEHuttdUOrIfvh22ICGwUL1A&google_cver=1&google_push=AXcoOmQDfCV5tmZSSywbPgzfknrpI2vk6jJnGw1eF3RWqGR2CvuNJgNi-A4LbNDmOJL-QY9pL_5oRAdE5xOG0sR5KfktBFla3b_0I0g

Request Chain 220

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEP0Jac2mPKqH_pee_eZj1oI&google_cver=1&google_push=AXcoOmRSvA6CELfiWp6UWEemY91SYKZ-VHiD-sSSU9FpDbCpF5IQzrpb4bczQvL8R_8gQhtG0LfeiO7rPR12jmgsMs4yJyqR68B-aGQ HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEP0Jac2mPKqH_pee_eZj1oI&google_cver=1&google_push=AXcoOmRSvA6CELfiWp6UWEemY91SYKZ-VHiD-sSSU9FpDbCpF5IQzrpb4bczQvL8R_8gQhtG0LfeiO7rPR12jmgsMs4yJyqR68B-aGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=3i6wdpf8R_2k01xwwtNSw2WKex4

Request Chain 221

https://ums.acuityplatform.com/tum?umid=4&uid=CAESECR7D8MkfGLlq0MTQUlDbvk&google_cver=1&google_push=AXcoOmRit2Fefbo-QG5BAuPHFdr5_9UmgsS28iaVJ2YwJO5_XVSSljctiKN--SXropMLbk623P8k2DvKZeuDiWabLr9wHMO4plNq5mo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=869334896357&us_privacy=1---

Request Chain 223

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBRvIJ7Dl3bOe7zDYn4n8AM&google_cver=1&google_push=AXcoOmQwNRz-mq0fMicEo8MGZHaDEEum8dFXhMvV4MwnnSTlR018f2OY2fcUYbBRmUXDEra8W93OizuN_ZoZZzXjmrO2UUYibGJqqiVk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQwNRz-mq0fMicEo8MGZHaDEEum8dFXhMvV4MwnnSTlR018f2OY2fcUYbBRmUXDEra8W93OizuN_ZoZZzXjmrO2UUYibGJqqiVk&google_hm=MzUzMjUwNTc0NTU2NTcyNTMzOQ==

Request Chain 224

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQAib2F8AQbsXVe8dKOIuUMP7QLiqTA8AVZxEl3mOUvpLR5Q5el43cKCit5vzgdATZIdi4yEYmXf3zzklnwBXo9cZXTwY57RD8&google_gid=CAESEEafCHPNx47rh45ugShpNQ4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEafCHPNx47rh45ugShpNQ4&google_hm=T1BVYTJkNDY3ZjU1ZWQ1NGI1YWE2Njk0NzM2YjAwNmRkNTQ&google_nid=opera_norway_as&google_push=AXcoOmQAib2F8AQbsXVe8dKOIuUMP7QLiqTA8AVZxEl3mOUvpLR5Q5el43cKCit5vzgdATZIdi4yEYmXf3zzklnwBXo9cZXTwY57RD8

Request Chain 272

https://gcdn.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/0C92B47BABB9EA5918584E681139DE700BFD2E6E.0C193E0BD8E6C35D26AA5E411A1F6E565E3641ED/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D052A063DAD9D667EE0A7048984641A7B5EC2E5.82386A07D4579410AE5866F57D9434EC9BF1EE88/key/cms1/cms_redirect/yes/mh/Ko/mip/2a02:6ea0:d418:0:5b7::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1703572960/mv/u/mvi/5/pl/44/file/file.mp4

Request Chain 273

https://gcdn.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2DC7CDC2393326E9D0BCBEC0959192ABFE9BF0D2.874E080B68C01819A986819C9769A85B2A0B4924/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/127FE2FF8BB186EED7EE1F80FEDC8EF9F435CBDE.30DF14099FF782C3F1057E057E12D34EED335492/key/cms1/cms_redirect/yes/mh/Ko/mip/2a02:6ea0:d418:0:5b7::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1703572960/mv/u/mvi/5/pl/44/file/file.mp4

Request Chain 314

https://www.awin1.com/cshow.php?s=2389702&v=11953&q=363641&r=412871&pv=1&pref3=oneidEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbkoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CL7XrenErIMDFXQKVQgdKNAJGg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 327

https://www.awin1.com/cshow.php?s=2389702&v=11953&q=363641&r=412871&pv=1&pref3=oneidEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbkoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CM2IrunErIMDFUmZ_QcdqZ0B_g;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 337

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CL33punErIMDFV6DgwcdxqcIHg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703574302_17354ea1-a3bd-11ee-9488-2234841a3abe

351 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
held24.ch/ 124 KB
20 KB 2460ms
2340ms Document
text/html 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PHP/7.4.33 PleskLin
Resource Hash: 5328a0758b3ea3b95de403f4076bc30da4a810175522b10907f3b1e73f6e2a97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

cache-control: no-store, no-cache, must-revalidate max-age=0, no-cache, s-maxage=10
content-encoding: gzip
content-length: 20053
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 07:05:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://held24.ch/wp-json/>; rel="https://api.w.org/", <https://held24.ch/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://held24.ch/>; rel=shortlink
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-mod-pagespeed: 1.14.36.1-0
x-powered-by: PHP/7.4.33 PleskLin

GET
H2 200 style.min.css
held24.ch/wp-includes/css/dist/block-library/ 107 KB
14 KB 49ms
46ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-includes/css/dist/block-library/style.min.css?ver=f89740e42ad35afdd18be9772e76b61f

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 12 Nov 2023 14:04:36 GMT
server: nginx
x-original-content-length: 110035
etag: "1add3-609f50898be20"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 14345
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
held24.ch/wp-includes/js/mediaelement/ 11 KB
3 KB 123ms
120ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Sep 2023 18:36:09 GMT
server: nginx
x-original-content-length: 11256
etag: "2bf8-604dd401491ca"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 2580
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 wp-mediaelement.min.css
held24.ch/wp-includes/js/mediaelement/ 4 KB
1 KB 65ms
63ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=f89740e42ad35afdd18be9772e76b61f

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Sep 2023 18:36:09 GMT
server: nginx
x-original-content-length: 4186
etag: "105a-604dd401491ca"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 1150
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 usp.css
held24.ch/wp-content/plugins/user-submitted-posts/resources/ 13 KB
3 KB 90ms
88ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/plugins/user-submitted-posts/resources/usp.css?ver=20231102

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

f65f13d1b628aede91412c609036d4969892955c977e0bc8a066dad79fa0c141

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2023 03:06:41 GMT
server: nginx
x-original-content-length: 13404
etag: "345c-60936cb23d226"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 2803
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
2 KB 88ms
34ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700%7CRoboto%3A300%2C400%2C400i%2C500%2C700%7CTitillium+Web%3A400%2C600%2C700%2C300&subset=latin%2Clatin-ext

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15d39db75538fef846e94fc234b7a5fa5e5c635a6ba0cc6528a3f3007fa8cc22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 05:43:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 07:05:00 GMT

GET
H2 200 font-awesome.min.css
held24.ch/wp-content/themes/news-portal/assets/library/font-awesome/css/ 30 KB
7 KB 84ms
82ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/themes/news-portal/assets/library/font-awesome/css/font-awesome.min.css?ver=4.7.0

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Nov 2023 03:06:36 GMT
server: nginx
x-original-content-length: 31004
etag: "791c-6090e8f32619d"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 6934
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 lightslider.min.css
held24.ch/wp-content/themes/news-portal/assets/library/lightslider/css/ 5 KB
2 KB 80ms
78ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/themes/news-portal/assets/library/lightslider/css/lightslider.min.css?ver=1.1.6

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Nov 2023 03:06:36 GMT
server: nginx
x-original-content-length: 5536
etag: "15a0-6090e8f32907d"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 1374
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 style.css
held24.ch/wp-content/themes/news-portal/ 61 KB
11 KB 110ms
109ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/themes/news-portal/style.css?ver=1.3.8

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

b2ef0537cdf3bc830d32e94eea8aeb729859c83fdca8c4925f0d8a4c8a0b03a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Nov 2023 03:06:36 GMT
server: nginx
x-original-content-length: 62122
etag: "f2aa-6090e8f32bf5d"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 10883
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 np-responsive.css
held24.ch/wp-content/themes/news-portal/assets/css/ 9 KB
2 KB 130ms
128ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/themes/news-portal/assets/css/np-responsive.css?ver=1.3.8

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

068d730a228680f875cf30f88297ceb890a52ae37ecfcdcc67d2ccf3952ecff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Nov 2023 03:06:36 GMT
server: nginx
x-original-content-length: 9483
etag: "250b-6090e8f3251fd"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 1738
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 chatbox.css
held24.ch/wp-content/plugins/aone-messaging/css/ 30 KB
5 KB 130ms
129ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/plugins/aone-messaging/css/chatbox.css

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

b4cfa3299bd172bd3872533f109584f69126bcf952fea96f69b3a12fe3aaf64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 22:08:13 GMT
server: nginx
x-original-content-length: 30671
etag: "77cf-60bca78851fff"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 5299
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 uploadifive.css
held24.ch/wp-content/plugins/aone-messaging/lib/uploadifive/ 2 KB
957 B 110ms
109ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/plugins/aone-messaging/lib/uploadifive/uploadifive.css

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

f1fe82579d8f1099fd843df64fb1e3cc94193fe7248511ca29d85677fc5ed90f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 22:08:13 GMT
server: nginx
x-original-content-length: 2219
etag: "8ab-60bca7886875f"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 663
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 jquery.emoji.css
held24.ch/wp-content/plugins/aone-messaging/css/ 4 KB
1 KB 68ms
67ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/plugins/aone-messaging/css/jquery.emoji.css

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

291517512623ed07cd4fc1c914576a0ae9442e3fba5e712919aff84ff2927176

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 22:08:13 GMT
server: nginx
x-original-content-length: 3678
etag: "e5e-60bca78854edf"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 840
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 railscasts.css
held24.ch/wp-content/plugins/aone-messaging/css/ 2 KB
822 B 73ms
72ms Stylesheet
text/css 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL

https://held24.ch/wp-content/plugins/aone-messaging/css/railscasts.css

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

c56b3403a5ac4fe6af110d8844ac82fa94f855b6b085291b8afe08e8e5bb3324

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 22:08:13 GMT
server: nginx
x-original-content-length: 1635
etag: "663-60bca78854edf"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 528
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 jquery.min.js,qver=3.7.1.pagespeed.jm.PoWN7KAtLT.js Show response
held24.ch/wp-includes/js/jquery/ 85 KB
30 KB 97ms
96ms Script
text/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-includes/js/jquery/jquery.min.js,qver=3.7.1.pagespeed.jm.PoWN7KAtLT.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: fa6dbf56efed1b69b023b1601a9632014760997b1ac750af80088e8ca2fb5439

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 07:03:47 GMT
server: nginx
x-original-content-length: 87553
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30277
expires: Wed, 25 Dec 2024 07:03:47 GMT

GET
H2 200 wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==3.4.1+wp-content,_plugins,_user-submitted-posts,_resources,_jquery.cookie.js,qver==20231102+wp-content,_plugins,_user-submitted-posts,_resources... Show response
held24.ch/ 58 KB
17 KB 79ms
78ms Script
application/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-includes,_js,_jquery,_jquery-migrate.min.js,qver==3.4.1+wp-content,_plugins,_user-submitted-posts,_resources,_jquery.cookie.js,qver==20231102+wp-content,_plugins,_user-submitted-posts,_resources,_jquery.parsley.min.js,qver==20231102.pagespeed.jc.rcD9aUapfQ.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: d5e4dc4425331a2fac2ce6812d317c1aadabcfb510a50e1c80baa7e96f848b90

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 07:03:47 GMT
server: nginx
x-original-content-length: 57990
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17023
expires: Wed, 25 Dec 2024 07:03:47 GMT

GET
H2 200 jquery.usp.core.js,qver=20231102.pagespeed.jm.zr848TuZz5.js Show response
held24.ch/wp-content/plugins/user-submitted-posts/resources/ 6 KB
2 KB 108ms
108ms Script
text/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-content/plugins/user-submitted-posts/resources/jquery.usp.core.js,qver=20231102.pagespeed.jm.zr848TuZz5.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 31d79447702bb609a219a0924247bab64f2ee02fdea19985f951775f18ac7573

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 07:03:47 GMT
server: nginx
x-original-content-length: 7158
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1813
expires: Wed, 25 Dec 2024 07:03:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 96ms
39ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-196902677-3

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

080951f2334464958a0c2a8c84ead3d417f21af9d3c0c9bce7520b95c16da623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Dec 2023 07:05:00 GMT

GET
H2 200 js,_jquery.mCustomScrollbar.min.js+lib,_uploadifive,_jquery.uploadifive.min.js+js,_jquery.emoji.min.js.pagespeed.jc.T4EmTVliPU.js Show response
held24.ch/wp-content/plugins/aone-messaging/ 60 KB
18 KB 114ms
113ms Script
application/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-content/plugins/aone-messaging/js,_jquery.mCustomScrollbar.min.js+lib,_uploadifive,_jquery.uploadifive.min.js+js,_jquery.emoji.min.js.pagespeed.jc.T4EmTVliPU.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 419fc2d77e2ff149c939cd8059c6c26dec13adf55ed86cf1b1d96c35578c2400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 07:03:47 GMT
server: nginx
x-original-content-length: 59432
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18224
expires: Wed, 25 Dec 2024 07:03:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 129ms
72ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4525684120003226&host=ca-host-pub-2644536267352236

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f5719420315156e616fcc0eae83f3a9493a5c7fe355c15002bd9aeec039bfa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://held24.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51279
x-xss-protection: 0
server: cafe
etag: 4468379739830396106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 26 Dec 2023 07:05:00 GMT

GET
BLOB 200
OK 80d9dcc8-3a99-43b6-9f87-5f8d5996115d
https://held24.ch/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://held24.ch/80d9dcc8-3a99-43b6-9f87-5f8d5996115d
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 cropped-held.jpg
held24.ch/wp-content/uploads/2023/01/ 5 KB
5 KB 98ms
97ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/uploads/2023/01/cropped-held.jpg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

b947d7034e1ed3b674b4bf27cc37fc77a2dd19192b576a849b647cdeb43f851e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Sep 2023 18:36:04 GMT
server: nginx
etag: "1439-604dd3fc4107e"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 5177
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 banner-768x166.jpg
held24.ch/wp-content/uploads/2023/09/ 26 KB
26 KB 107ms
106ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/uploads/2023/09/banner-768x166.jpg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

e01a51e4d911428e3d37cf80e0c53c895aeaf53b74a327f7cc2615223565749c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 09 Sep 2023 21:11:00 GMT
server: nginx
etag: "6872-604f387b9b194"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 26738
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 moderne-helle-wohnung-moenchengladbach-ohler-sonnenbalkon-einzelgarage-carport-keller-in-moenchengladbach.jpeg
held24.ch/wp-content/uploads/2023/12/ 19 KB
19 KB 86ms
85ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/uploads/2023/12/moderne-helle-wohnung-moenchengladbach-ohler-sonnenbalkon-einzelgarage-carport-keller-in-moenchengladbach.jpeg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

597eaccbdd58fb88b44c384555bff097c57071730baf3c1136e89202b28d8dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 16:17:23 GMT
server: nginx
etag: "4b23-60d57e6ab889c"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 19235
expires: Tue, 26 Dec 2023 07:10:00 GMT

GET
H2 200 zuverlaessige-r-und-genuegsame-r-mieter-in-gesucht-in-oberweser-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 39ms
39ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/uploads/2023/12/zuverlaessige-r-und-genuegsame-r-mieter-in-gesucht-in-oberweser-136x102.jpeg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

01d4ecf94464857d66d8cbc33cbde19c95ad6a712caf583b131a046535b11c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 16:17:30 GMT
server: nginx
etag: "a05-60d57e71955e3"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 2565
expires: Tue, 26 Dec 2023 07:10:00 GMT

GET
H2 200 mitbewohnerin-gesucht-in-berlin-neukoelln-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 38ms
38ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/uploads/2023/12/mitbewohnerin-gesucht-in-berlin-neukoelln-136x102.jpeg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

50d6bd49dedfc7a641677101843f62872fe8f90175d962867c282cca26f166d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 16:17:33 GMT
server: nginx
etag: "a9f-60d57e7420bb9"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 2719
expires: Tue, 26 Dec 2023 07:10:00 GMT

GET
H2 200 einfamilienhaus-mit-einliegerwohnung-in-thuengersheim-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 72ms
67ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/uploads/2023/12/einfamilienhaus-mit-einliegerwohnung-in-thuengersheim-136x102.jpeg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

002ef7b4a29a3f983551e8b073d8ec4d2c265f84fb5ea7b45e1e40ed04e58f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 16:17:38 GMT
server: nginx
etag: "bc8-60d57e7883c69"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 3016
expires: Tue, 26 Dec 2023 07:10:00 GMT

GET
H2 200 wohngemeinschaft-zimmer-in-koeln-bickendorf-stressfrei-zu-vermieten-an-sie-in-koeln-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 2 KB
3 KB 116ms
112ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/wohngemeinschaft-zimmer-in-koeln-bickendorf-stressfrei-zu-vermieten-an-sie-in-koeln-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 9205eb0db5e48f4105622db6139619b98b447f444b6e8c548e4e56aafd2b9aaa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:17:40 GMT
server: nginx
etag: "9ec-60d57e7aae761"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 2540

GET
H2 200 suche-mini-nebenjob-in-muenchen.jpeg
held24.ch/wp-content/uploads/2023/12/ 21 KB
21 KB 207ms
203ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/uploads/2023/12/suche-mini-nebenjob-in-muenchen.jpeg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

1400303e5121c39a70117fa5fe06f89d134cb9f987a18c23f5ebce06e0f40e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 16:19:27 GMT
server: nginx
etag: "54b6-60d57ee12bac1"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 21686
expires: Tue, 26 Dec 2023 07:10:00 GMT

GET
H2 200 bueroassistenz-mit-it-affinitaet-sucht-in-bielefeld-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 242ms
238ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/bueroassistenz-mit-it-affinitaet-sucht-in-bielefeld-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 002ef7b4a29a3f983551e8b073d8ec4d2c265f84fb5ea7b45e1e40ed04e58f44

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:19:30 GMT
server: nginx
etag: "bc8-60d57ee3f29b7"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 3016

GET
H2 200 steuerfachangestellter-mit-juristischem-background-in-berlin-friedrichshain-kreuzberg-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 2 KB
2 KB 165ms
161ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/steuerfachangestellter-mit-juristischem-background-in-berlin-friedrichshain-kreuzberg-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 395ad641638f39d9905f7b21f2d151bb987809302244b5219ab1fffe51180aba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:19:34 GMT
server: nginx
etag: "650-60d57ee7e9408"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 1616

GET
H2 200 stellengesuch-in-altdorf-nuernberg-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 115ms
111ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/stellengesuch-in-altdorf-nuernberg-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: af53c5f5187e75a414a988d2da582ee0640b6a89a974e85d8389257d9198bdcf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:19:41 GMT
server: nginx
etag: "ce3-60d57eee5ba30"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 3299

GET
H2 200 tamm-gmbh-co-kg-in-essen-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 145ms
142ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/tamm-gmbh-co-kg-in-essen-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: b7a0960dbb83d463418017ff78f73277cf5b1fc98e962e8926451068227fcea5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:19:45 GMT
server: nginx
etag: "a24-60d57ef1bbe43"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 2596

GET
H2 200 offener-mann-sucht-job-raum-eu-ac-bn-in-euskirchen-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
4 KB 231ms
227ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/offener-mann-sucht-job-raum-eu-ac-bn-in-euskirchen-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 2c17d41ec4703caecc59dd5ea1eb0cc741cd430d86e7b17a132238981afd23d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:19:48 GMT
server: nginx
etag: "d88-60d57ef47eeb9"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 3464

GET
H2 200 mercedes-benz-w123-in-boppard.jpeg
held24.ch/wp-content/uploads/2023/12/ 26 KB
26 KB 75ms
72ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/mercedes-benz-w123-in-boppard.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 6e87397773b5cd8972e246dd9e598091959bf20fcf46ae722b85dc7ae8edf3e7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:22:00 GMT
server: nginx
etag: "6906-60d57f72fe980"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 26886

GET
H2 200 fiat-panda-zu-verkaufen-tuev-neu-mit-winterreifen-von-falken-4-tuerer-in-schleiden-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 247ms
243ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/fiat-panda-zu-verkaufen-tuev-neu-mit-winterreifen-von-falken-4-tuerer-in-schleiden-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: d4097394a0f80464feb5d850c78e3ae9469e61e3306230a655bd4e0e1e8fc009

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:22:03 GMT
server: nginx
etag: "a5e-60d57f758ed77"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 2654

GET
H2 200 smart-fortwo-last-edition-leder-automatic-unfallfrei-neuwertig-garantie-in-treuenbrietzen-zentrum-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 218ms
215ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/smart-fortwo-last-edition-leder-automatic-unfallfrei-neuwertig-garantie-in-treuenbrietzen-zentrum-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 438ec5bb1e20ed26b69f5a15905af976f3b9415b995978358e45cef6bb4bb058

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:22:05 GMT
server: nginx
etag: "c66-60d57f776d5b0"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 3174

GET
H2 200 peugeot-206-1-4-benzin-in-heilsbronn-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 117ms
114ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/peugeot-206-1-4-benzin-in-heilsbronn-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: fef172aa11731a106c312e669f85891af331b49a59c4a42798b460705ba10aea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:22:07 GMT
server: nginx
etag: "a82-60d57f79c5f07"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 2690

GET
H2 200 vw-new-beetle-cabrio-in-selm-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 118ms
115ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/vw-new-beetle-cabrio-in-selm-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: a93e10c4768666d63e75d5ba14657b746921a22c4bedd18111c2ac2383e8e2e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:22:10 GMT
server: nginx
etag: "af9-60d57f7c0cf1e"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 2809

GET
H2 200 fiat-punto-schwarz-in-neusaess-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 93ms
90ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/fiat-punto-schwarz-in-neusaess-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 367cb6c696672368fa3fc69032564e0268524d0db61476f97643071d4ebbbc04

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:22:12 GMT
server: nginx
etag: "bb7-60d57f7e5cbd6"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 2999

GET
H2 200 montageteam-messebau-ladenbau-in-potsdam.jpeg
held24.ch/wp-content/uploads/2023/12/ 26 KB
26 KB 119ms
116ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/montageteam-messebau-ladenbau-in-potsdam.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 7ce387849b027ffe085479dabcef0eb5a4a467496e32b404b69a4175d83d5a26

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:23:36 GMT
server: nginx
etag: "67fb-60d57fce42c4b"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 26619

GET
H2 200 hawaiianische-massage-lomi-lomi-in-paderborn-136x102.jpeg
held24.ch/wp-content/uploads/2023/10/ 2 KB
3 KB 73ms
70ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/10/hawaiianische-massage-lomi-lomi-in-paderborn-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 014e0e2eddb09f4c9fea4a3bb8a7fdd66ba6165b5e9153e64e187f8bd2b77f8c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Tue, 10 Oct 2023 16:17:28 GMT
server: nginx
etag: "979-6075f0b0a84bb"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 2425

GET
H2 200 wunderschoene-bkh-kitten-britisch-langhaar-kurzhaar-katzen-in-fulda.jpeg
held24.ch/wp-content/uploads/2023/11/ 14 KB
15 KB 112ms
109ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/11/wunderschoene-bkh-kitten-britisch-langhaar-kurzhaar-katzen-in-fulda.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 85bc3c92e747827208646cc3f307a87f0fe08cdde19402c2f80b85d842955eb5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 27 Nov 2023 14:22:29 GMT
server: nginx
etag: "39c3-60b230832f254"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 14787

GET
H2 200 welche-dame-besucht-mich-fuer-ein-tg-in-agathenburg-340x316.jpeg
held24.ch/wp-content/uploads/2023/12/ 4 KB
5 KB 125ms
122ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/welche-dame-besucht-mich-fuer-ein-tg-in-agathenburg-340x316.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 3c38dcab2b3dc7725bee4c3c6d8bac07bcbd94c980f0affb82a5999ddf793ed9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:11:11 GMT
server: nginx
etag: "11a6-60d57d07eac91"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 4518

GET
H2 200 golden-shower-in-augsburg-340x316.jpeg
held24.ch/wp-content/uploads/2023/12/ 26 KB
26 KB 94ms
92ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/golden-shower-in-augsburg-340x316.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 1c17853a24a2838943d26f2cd8aa51d31ecb366238937813802f57e477dd005c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:11:15 GMT
server: nginx
etag: "6879-60d57d0bf3022"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 26745

GET
H2 200 master-suchte-devote-sie-in-stade-hansestadt-340x316.jpeg
held24.ch/wp-content/uploads/2023/12/ 13 KB
13 KB 166ms
163ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/master-suchte-devote-sie-in-stade-hansestadt-340x316.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: b1a77564cec4d7dd5ff14dff5579a260908e3a8ea9dc7e8f757bc86b7c88a216

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:11:19 GMT
server: nginx
etag: "33ea-60d57d0f4d675"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 13290

GET
H2 200 para.jpg
held24.ch/wp-content/uploads/2023/09/ 54 KB
54 KB 231ms
229ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/09/para.jpg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: bd031d768f7c1d2e9829b60d82ae388d1cf562611976c1f9d2dc69c61fe93b00

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Sat, 09 Sep 2023 21:09:59 GMT
server: nginx
etag: "d64f-604f3840ad36f"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 54863

GET
H2 200 lego-herr-der-ringe-9471-in-kassel-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 2 KB
3 KB 167ms
165ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/uploads/2023/12/lego-herr-der-ringe-9471-in-kassel-136x102.jpeg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

235f05f73222554d536281f75fe9179d4c1aaaacebcf46d7a2c7bec90e4fcf9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Dec 2023 16:20:52 GMT
server: nginx
etag: "9b7-60d57f32212f3"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 2487
expires: Tue, 26 Dec 2023 07:08:45 GMT

GET
H2 200 eichenbar-mit-3-hockern-in-kaiserslautern-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 4 KB
4 KB 141ms
139ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/eichenbar-mit-3-hockern-in-kaiserslautern-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 1fb7258dbd3ec61d75e6662c640f7975166e3c5d285a0ed5a46695e8a8eb7da5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:20:55 GMT
server: nginx
etag: "f27-60d57f3472eea"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 3879

GET
H2 200 leoparden-geckos-komplett-set-in-muenchen-pasing-obermenzing-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 2 KB
3 KB 133ms
131ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/leoparden-geckos-komplett-set-in-muenchen-pasing-obermenzing-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 0890f8b51f425eb893b1b2cbc3a8759e58d6e2b4c890906df38ed5195789194c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:20:57 GMT
server: nginx
etag: "9a2-60d57f36b7fc1"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 2466

GET
H2 200 tisch-stuehle-set-guenstig-abzugeben-in-oldenburg-136x102.jpeg
held24.ch/wp-content/uploads/2023/12/ 3 KB
3 KB 134ms
132ms Image
image/jpeg 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://held24.ch/wp-content/uploads/2023/12/tisch-stuehle-set-guenstig-abzugeben-in-oldenburg-136x102.jpeg
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: c777c31531c1ca8f8600c8946ff1305c28cf309a50b45ca86b664e3ddb80585e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Mon, 25 Dec 2023 16:21:00 GMT
server: nginx
etag: "d09-60d57f3928fb8"
x-powered-by: PleskLin
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 3337

GET
H2 200 bootstrapValidator.js.pagespeed.jm.8jD9tsruwH.js Show response
held24.ch/wp-content/plugins/aone-sms//js/ 133 KB
29 KB 193ms
188ms Script
text/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-content/plugins/aone-sms//js/bootstrapValidator.js.pagespeed.jm.8jD9tsruwH.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: d4cfbfae77f927305dec8a698d1987780f4540c417a26641ad66b02d7149cc06

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 07:03:47 GMT
server: nginx
x-original-content-length: 325844
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29012
expires: Wed, 25 Dec 2024 07:03:47 GMT

GET
H2 200 wp-content,_themes,_news-portal,_assets,_js,_navigation.js,qver==1.3.8+wp-content,_themes,_news-portal,_assets,_library,_sticky,_jquery.sticky.js,qver==20150416+wp-content,_themes,_news-portal,_ass... Show response
held24.ch/ 57 KB
18 KB 106ms
101ms Script
application/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-content,_themes,_news-portal,_assets,_js,_navigation.js,qver==1.3.8+wp-content,_themes,_news-portal,_assets,_library,_sticky,_jquery.sticky.js,qver==20150416+wp-content,_themes,_news-portal,_assets,_js,_skip-link-focus-fix.js,qver==1.3.8+wp-content,_themes,_news-portal,_assets,_library,_lightslider,_js,_lightslider.min.js,qver==1.1.6+wp-includes,_js,_jquery,_ui,_core.min.js,qver==1.13.2+wp-includes,_js,_jquery,_ui,_tabs.min.js,qver==1.13.2+wp-content,_themes,_news-portal,_assets,_library,_sticky,_theia-sticky-sidebar.min.js,qver==1.7.0.pagespeed.jc._ZowxDwEd9.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 9cf195414bc2eadbdae3d8d80b4ac8ae415d12086b4a6b9456548447ac23b17e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 07:03:47 GMT
server: nginx
x-original-content-length: 66020
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17766
expires: Wed, 25 Dec 2024 07:03:47 GMT

GET
H2 200 np-custom-scripts.js,qver=1.3.8.pagespeed.jm.GuXZpvWp3q.js Show response
held24.ch/wp-content/themes/news-portal/assets/js/ 4 KB
2 KB 145ms
141ms Script
text/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-content/themes/news-portal/assets/js/np-custom-scripts.js,qver=1.3.8.pagespeed.jm.GuXZpvWp3q.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 923c49455918cd3d4e0d69b7431dd8a1aec94ddc2dcb2a688884450b76f3af09

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 07:03:47 GMT
server: nginx
x-original-content-length: 7465
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1444
expires: Wed, 25 Dec 2024 07:03:47 GMT

GET
H2 200 e-202352.js Show response
stats.wp.com/ 7 KB
3 KB 64ms
18ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202352.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1695421998473.3982
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Wed, 25 Dec 2024 04:07:10 GMT

GET
H2 200 otpsignup.js.pagespeed.jm.JTIaPAIMsx.js Show response
held24.ch/wp-content/plugins/aone-sms//js/ 13 KB
2 KB 119ms
114ms Script
text/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-content/plugins/aone-sms//js/otpsignup.js.pagespeed.jm.JTIaPAIMsx.js
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: e2c0665fa20a2ffced66b11f09e48ca31399319a6858792841cae58b4295e2dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Tue, 26 Dec 2023 07:03:47 GMT
server: nginx
x-original-content-length: 17246
etag: W/"0"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1760
expires: Wed, 25 Dec 2024 07:03:47 GMT

GET
H2 200 jquery.mousewheel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/ 3 KB
2 KB 66ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

Requested by

Host: held24.ch
URL: https://held24.ch/wp-includes/js/jquery/jquery.min.js,qver=3.7.1.pagespeed.jm.PoWN7KAtLT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2266583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1046
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-ad3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2BlWb0uEeI9YrUgjrZ8ixEPQke%2FzGXpS8hTBr%2Fw92rq%2BroQDzDT80ZtyyWErfoMrcsTOMStLZ7NKmVWQQ3foPIQe5c3y6%2BjtCjPL7CdwatF41d%2FCfZ%2Brdq%2BxfxahW9adlFHXq%2BmeheYU3vxQ5PpNZr5C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b77912efec2c5d-FRA
expires: Sun, 15 Dec 2024 07:05:00 GMT

GET
H2 200 menu-shadow.png
held24.ch/wp-content/themes/news-portal/assets/images/ 7 KB
7 KB 111ms
111ms Image
image/png 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://held24.ch/wp-content/themes/news-portal/assets/images/menu-shadow.png

Requested by

Host: held24.ch
URL: https://held24.ch/wp-content/themes/news-portal/style.css?ver=1.3.8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

vmi525362.contaboserver.net

Software

nginx / PleskLin

Resource Hash

f97f50780895cb200405df8c7bd49cf19ff8b443e2273064aeb1608b55b43e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Nov 2023 03:06:36 GMT
server: nginx
etag: "1b0d-6090e8f32619d"
x-powered-by: PleskLin
content-type: image/png
cache-control: max-age=300, s-maxage=10
accept-ranges: bytes
content-length: 6925
expires: Tue, 26 Dec 2023 07:07:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 83ms
29ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A300italic%2C400italic%2C700italic%2C400%2C300%2C700%7CRoboto%3A300%2C400%2C400i%2C500%2C700%7CTitillium+Web%3A400%2C600%2C700%2C300&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://held24.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 17:28:03 GMT
x-content-type-options: nosniff
age: 49017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Dec 2024 17:28:03 GMT

GET
H2 200 fontawesome-webfont.woff2
held24.ch/wp-content/themes/news-portal/assets/library/font-awesome/fonts/ 75 KB
76 KB 149ms
148ms Font
font/woff2 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-content/themes/news-portal/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: held24.ch
URL: https://held24.ch/wp-content/themes/news-portal/assets/library/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.google.com/
Origin: https://held24.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
last-modified: Wed, 01 Nov 2023 03:06:36 GMT
server: nginx
etag: "12d68-6090e8f32907d"
x-powered-by: PleskLin
content-type: font/woff2
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 77160

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 76ms
23ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://held24.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:53:59 GMT
x-content-type-options: nosniff
age: 598261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:53:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 102ms
49ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://held24.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:10:14 GMT
x-content-type-options: nosniff
age: 597286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:10:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 78ms
24ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-196902677-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Dec 2023 05:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6155
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Dec 2023 07:22:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
76 KB 42ms
42ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-552WCQ8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-196902677-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb1888bd025791c9b4ffcfdf60d55dbfa3652698697f939e9fb3a1010ea47ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77299
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Dec 2023 07:05:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 146ms
97ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4525684120003226&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0be3ae4135141dc59b1c92061820d114988fd3705b4df22b81ee363a265c40aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137931
x-xss-protection: 0
server: cafe
etag: 7851410836007187946
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:00 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 6EB8 9 KB
4 KB 81ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4525684120003226&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 62122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Mon, 08 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 28ms
18ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=194455107&post=5&tz=2&srv=held24.ch&j=1%3A12.9.3&host=held24.ch&ref=&fcp=2656&rand=0.9567454252350487
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:05:00 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
held24.ch/wp-includes/js/ 18 KB
5 KB 74ms
74ms Script
text/javascript 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/wp-includes/js/wp-emoji-release.min.js?ver=f89740e42ad35afdd18be9772e76b61f
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:00 GMT
content-encoding: gzip
last-modified: Fri, 08 Sep 2023 18:36:09 GMT
server: nginx
etag: "4904-604dd40152e0a-gzip"
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 5039

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 86ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JNW7GGM0LX&gtm=45Pe3bt0v9104391736&_p=1703574300572&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=488114919.1703574301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703574300&sct=1&seg=0&dl=https%3A%2F%2Fheld24.ch%2F&dt=Held24&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2898
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-552WCQ8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://held24.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 31ms
30ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1991567452&t=pageview&_s=1&dl=https%3A%2F%2Fheld24.ch%2F&ul=en-us&de=UTF-8&dt=Held24&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=1013523230&gjid=444047009&cid=488114919.1703574301&tid=UA-196902677-3&_gid=1162492497.1703574301&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1036760529

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://held24.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1f600.svg
s.w.org/images/core/emoji/14.0.0/svg/ 450 B
761 B 70ms
19ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f600.svg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

41478e547c5b6ad66bfcf91ead5350fa0bc247956c3ff912020327e3e9ad0d2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 26 Dec 2023 07:05:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 450
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 678B 239 KB
64 KB 333ms
333ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&adk=1812271804&adf=3025194257&lmt=1703574301&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574300764&bpp=2&bdt=335&idt=301&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1544876262172&frm=20&pv=2&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=322

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a8c598a7f274fe47d24861dcab1e7b1054a890f51b5ec612cd86413fa813129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 65543
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc2ab2774f0572fdc80c8cea27095c4b249ba628ae83ec41300b482fb4fe17e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56010
x-xss-protection: 0
server: cafe
etag: 3995871780833024925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H2 200 ca-pub-4525684120003226 Show response
fundingchoicesmessages.google.com/i/ 23 KB
10 KB 106ms
53ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4525684120003226?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ac9caa59450894552d35ffc309351ea38abd142a933c4eef84850bb81af140b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wdg8VreWKIm_JpkC76y_PQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:01 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-wdg8VreWKIm_JpkC76y_PQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44808454&hl=de&pvc=2048463497000382

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
498 B 37ms
36ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b4993341938410743791ff9af6016389543dcc9daedfdc8d23dfcfc1cc41859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 07:05:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
731 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 05:29:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ 591 B
486 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69a80c644be546f4d35fa8ce6923116693e712f6a6f4e0f216f602e85dbbdf85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 07:05:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
731 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 05:52:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H2 200 HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
fonts.gstatic.com/s/googlesymbols/v242/ 669 KB
669 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesymbols/v242/HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8b236d10c0e2ed290e99d6bed2185dcc8f53ae6a6394b0a0409e7077d42afce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://held24.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 21:43:24 GMT
x-content-type-options: nosniff
age: 379297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 685024
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 01:51:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 21:43:24 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3660 47 KB
17 KB 302ms
302ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=1403818051&adf=3784560394&pi=t.aa~a.508635323~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=363x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=75

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb70d3e85dd6dcb38e197792d2fd12c7e2458516bff30410e0672c3097695f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1C5C 48 KB
17 KB 282ms
282ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=3303847354&adf=1582290432&pi=t.aa~a.1227727605~rp.4&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280&nras=3&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e5051bc73f1ef348b99a85bb8648f9bbab671eafba784470d8f4fd2d268bbf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 142C 47 KB
17 KB 309ms
309ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=280808517&adf=501350246&pi=t.aa~a.3437311115~rp.3&w=384&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=384x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280&nras=4&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=615&ady=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=111

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

001a2258543cdfb1a64870e366d0d343197d7d326351bcb87a046fc0ac3bbd58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17405
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 411C 714 B
382 B 109ms
109ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=250&adk=1035717735&adf=2321017761&pi=t.aa~a.374586502~rp.2&w=321&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=321x250&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280&nras=5&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1043&ady=1999&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e8fa76948cd97127badfe945a1d20bb7fbd84cff7a47ff45f199ea917b1d697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C903 47 KB
17 KB 293ms
293ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=2492854786&adf=113491572&pi=t.aa~a.4074808907~rp.1&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280%2C321x250&nras=6&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=117

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5a112cb60cdb6cc6c169ec10c012ca87084dab7c1f742effda95ab780c3b3d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17297
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 255F 714 B
382 B 234ms
233ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=200&adk=3264140195&adf=696333606&pi=t.aa~a.3174712542~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=363x200&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280%2C321x250%2C376x280&nras=7&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=2585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=6&fsb=1&dtd=119

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6579024f213909db812a013dcea4dc6ee10f50bcab9a06f0dea3bae30ce367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 627B 9 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 10074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Tue, 09 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 3202 9 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 10074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Tue, 09 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 05FB 9 KB
4 KB 23ms
23ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 10074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Tue, 09 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 19B4 478 B
199 B 63ms
62ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVn75_xxn7qxFUoU1afowM-wttb2KHdhg7wbD-UlmwdRxMWwj3fQSMdbvIV3VkS6rR6p1F7eGAmputGo0xXfTYwH9jhgw

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9982 89 KB
31 KB 142ms
141ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H2 200 trace.js Show response
t.mindtake.com/tag/cid/5531K7/ Frame 9982 1 B
382 B 194ms
50ms Script
text/html 52.50.148.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.mindtake.com/tag/cid/5531K7/trace.js?gdpr=&gdpr_consent=&DMP=10099&BannerFormat=160x600&BannerSujetName=banner_160x600_family-holiday_at-de-ch_pauli-immer-da_umarmung&Misc1=image-familie&Misc2=impressions&CAttrib1=https://held24.ch/&uid=1703574301112686
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.148.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-148-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html
access-control-max-age: 0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Access-Control-Allow-Origin, X-HTTP-Method-Override, Content-Type, Authorization, Accept

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9982 3 KB
1 KB 117ms
49ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9982 20 KB
8 KB 93ms
26ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9982 203 KB
65 KB 83ms
32ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9982 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BsA-B8fVAFUUuOujucgVpWvoynmLFEBxewi1ct0Srrw-rdwzq2OE18YC0BGtGSLT0k5OiBuTRP9JtelTWlQnEWtTZdzdK1QB022coRe30Q5HpX4b4

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A502 478 B
199 B 62ms
61ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVb28v9NMdGhlV3HhkW-BCrhCz15daJzMmaqOBu-3oiI6ftrik7shjt6aS-QpRAMJq5z8E4mB4kmoGTCCTUM2Zy7W-JAw

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
expires: Tue, 26 Dec 2023 07:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 83E6 89 KB
31 KB 135ms
134ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H2 200 trace.js Show response
t.mindtake.com/tag/cid/5531K7/ Frame 83E6 1 B
381 B 184ms
50ms Script
text/html 52.50.148.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.mindtake.com/tag/cid/5531K7/trace.js?gdpr=&gdpr_consent=&DMP=10099&BannerFormat=160x600&BannerSujetName=banner_160x600_family-holiday_at-de-ch_pauli-immer-da_umarmung&Misc1=image-familie&Misc2=impressions&CAttrib1=https://held24.ch/&uid=1703574301112687
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.148.141 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-148-141.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, DELETE, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
content-type: text/html
access-control-max-age: 0
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Access-Control-Allow-Origin, X-HTTP-Method-Override, Content-Type, Authorization, Accept

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 83E6 3 KB
1 KB 105ms
48ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 83E6 20 KB
9 KB 79ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83E6 203 KB
64 KB 120ms
80ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83E6 42 B
63 B 58ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmizORSgjhGcAZeGbVuwSHjc2Gx2R5sJDbUqLRUSd60DL6W9F6SoAbIeVdw0MjrhCPldIey4sz21En4XHSlozUqhsAWg5pcIJljUTNSb5MoGCEcWY

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 273F 478 B
195 B 62ms
61ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiXoL_lATAB&v=APEucNWYfAlq1-5tCLgn3d26tSbDv071a6IjtwZj1qA17_Y-42pwgkxRkrNs136OJ2XDNSd-i5nOG6MOClq1tTOLseVtUp9ZVw

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame B50E 172 KB
61 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26157
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame B50E 7 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 08:59:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame B50E 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 00:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 00:43:32 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B50E 41 KB
14 KB 62ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B50E 3 KB
1 KB 61ms
50ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B50E 20 KB
8 KB 42ms
30ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B50E 203 KB
64 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:01 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B50E 42 B
63 B 57ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BT9ki4nucFQ0Fe0Nqv3yUU8_foPofM2zjD1AF6Hiqjqt_Ss4rbKymmeSIsXMjTdQNzwH-XOaqpeAQv9St3XCPljmsk0t5442S8B1PCD0qWeX69u5w

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 19B4 170 B
243 B 105ms
32ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVn75_xxn7qxFUoU1afowM-wttb2KHdhg7wbD-UlmwdRxMWwj3fQSMdbvIV3VkS6rR6p1F7eGAmputGo0xXfTYwH9jhgw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 19B4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1

43 B
734 B

45ms
44ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVn75_xxn7qxFUoU1afowM-wttb2KHdhg7wbD-UlmwdRxMWwj3fQSMdbvIV3VkS6rR6p1F7eGAmputGo0xXfTYwH9jhgw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDk69Jcj03KgQNoFMQwKMKk%2F%2Fka6vQfQVb76cjMQX9qzDMymy4oD6ieGj9HBzzK%2F1td0nOGIsVf8CuBE00i07ce403USR%2FynzEFnAY0Tjf6WyN88MB%2BgA9wej0DGQCSM42AYvRAXtFVzig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b7791aea7165d0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 19B4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYp7HWnFd23V9YzuJlda9gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1

43 B
737 B

36ms
35ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVn75_xxn7qxFUoU1afowM-wttb2KHdhg7wbD-UlmwdRxMWwj3fQSMdbvIV3VkS6rR6p1F7eGAmputGo0xXfTYwH9jhgw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FaJzsQTctgXKvdliHjgd856iDarvoyxhd0dB%2Bf6O4C84DgtvKqy1sCFI7EVZ9KfcGU5WDD7m2CKkdrAmLnR1tDiw%2F%2BB9pMyHVKY6V%2BrpgfHSrZwPpk%2Fyxowxnx3bgrifs7VCB7aIMk%2FvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b7791b4acd65d0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame A502 170 B
232 B 104ms
33ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVb28v9NMdGhlV3HhkW-BCrhCz15daJzMmaqOBu-3oiI6ftrik7shjt6aS-QpRAMJq5z8E4mB4kmoGTCCTUM2Zy7W-JAw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A502
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1

43 B
738 B

39ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVb28v9NMdGhlV3HhkW-BCrhCz15daJzMmaqOBu-3oiI6ftrik7shjt6aS-QpRAMJq5z8E4mB4kmoGTCCTUM2Zy7W-JAw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgR3%2BtEwHkUA7eLVoaJM6bO%2F1Jn5G%2FMjCi%2Fd08cq0E2c7tUPSuQ1qNJKWA%2FSvq6J6%2FHCOqtKOA3Zhe9IKYEk3TQAlt6boIo2s8EiwUS8X6vF8q%2BhIkRm8bpQLkU1GWsQgEKx%2BHxerQKRAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b7791b0a9165d0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A502
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYp7HRUuvDYxbh-dirAr4QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1

43 B
736 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_kmq0EEPyP_K0EGIHh1PsBMAE&v=APEucNVb28v9NMdGhlV3HhkW-BCrhCz15daJzMmaqOBu-3oiI6ftrik7shjt6aS-QpRAMJq5z8E4mB4kmoGTCCTUM2Zy7W-JAw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRWhMxtflkRFnsPxsu0L%2BRFCuzli1nK93jwm5B5X1CJu%2F1zS8ctsxTJr1QQ%2FycfSsOQ8M0sywUQ9GN8UM1nBTDoNYVaeGC4D8PmxVkF2yhuSy4XVm%2FI3zqDh%2BHR7kT6magqskkPBXh5%2Fbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b7791b4ad165d0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 273F 170 B
232 B 67ms
33ms Image
image/png 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiXoL_lATAB&v=APEucNWYfAlq1-5tCLgn3d26tSbDv071a6IjtwZj1qA17_Y-42pwgkxRkrNs136OJ2XDNSd-i5nOG6MOClq1tTOLseVtUp9ZVw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 273F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1

43 B
772 B

35ms
34ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiXoL_lATAB&v=APEucNWYfAlq1-5tCLgn3d26tSbDv071a6IjtwZj1qA17_Y-42pwgkxRkrNs136OJ2XDNSd-i5nOG6MOClq1tTOLseVtUp9ZVw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdnw4KGg5LyYEUiZcDLuaa3Of7piK06b1Ror6ncj%2BC%2FNGrJ7uKF4RZH%2FGh0dTzRPK5wcz8OeIBQ%2FTF1hUUTLxSmFn%2Fef50NQt184Xw8dXa0TVbY40ewkTr%2FUhw%2FtiwWwePprmuudorjqBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b7791aea7265d0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECJ5aFPjSgc6hBu0n8iLmX0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 273F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYp7HdbmOd3AM8hU755jGAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1

43 B
736 B

40ms
39ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNbvhAIQqpujAhiXoL_lATAB&v=APEucNWYfAlq1-5tCLgn3d26tSbDv071a6IjtwZj1qA17_Y-42pwgkxRkrNs136OJ2XDNSd-i5nOG6MOClq1tTOLseVtUp9ZVw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xLxzJ09OPR4K1XN%2FYXRMlLfJZBps5rOhzeefl0xOjm5fSdvMD5CqGTDO5buIxlu5XnyZG%2FA91nR5xQpCZDPORuLAQCl7XAf8zYBFlatDpYiu7%2Fc%2BKCmJdKXnCnFpsl4agj%2BKx7Aw6oqXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b7791b4acf65d0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHyk9zARXAl8F8Ci9ZAFpdg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B50E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80e695879b02c74e338e745020ef1969aed7589d0bd49c6c98ab360f915d6650

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7E94 38 KB
13 KB 23ms
23ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
age: 597094
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9982 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4555035495823&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9982 0
20 B 57ms
57ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4555035495823&version=m202309260101&ct=119&x=1&cor=12508712737948238000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9982 91 KB
38 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVhVqwY6FU2eVRFnS3MKXBDi6bwPZRXg3MPnjUwlvK71mD9H1pGJl2r_cuDAz55dqQB1Em8CHN-M4a71jtrm9AWhl1gsRpWqy7v79UV9E9wx7h1ev5u6seaEvJ4juTvQhMdrihYI9Lo9ao5eooC_T_quhopI52ordz0QGPOJDIQAptgR8uM3NtgClIhaGAewm3bfVm&cry=1&dbm_d=AKAmf-B8Zk1pCNp3T-LEM46qjlsxfYXoyhY8Zt8B9XJxUCmvq61nfp3CV7bJ8QMv35PLCIrxdhHBQLHbLO3S2PCLwc3TRN1T-dtnRAg-sByDcVusIVYAfw4STQK_kNdtQDiM6CG_aHCMcx3Vstmzkrbeyh17VyUv3TVe-l7gBFIiMEKTEAYtuRmjmznr0O4sdv3BIg1PCMl-rhEeHoISH6crOP8KEbsOLsm7RWLZvFlHCVaMwUNwi5AFbkL5CAzC8KNRvUvgv8oOp34xy17aqH0lqmzfjBcrxEQTQ5WrsO__uJbI6xKyCAhYni5H-Qgyk5o3_iAN6AGv-ZwAFgty8jI92xzVBRVDwY1AfS2Wf76ccLxc9yCMCgfddGzPOr_bMAxNMLVLNO7uaTLxp21XJhJBH0OOW5siITPPJn-XxUxYVZNwKb7OVPiQcEknQyUi7AYtyndW3En-2yfENtfa9xOg-5dAWsMCjM-OjMaa14_SHI-OeRkhsX5YwK72TSHOtUx5MnWmRFJTXOA_k67SRKeGOfc-SG66Dcbgq_qv6Og9Nv2dKwuTTE3Pa9_JzH_-SvuvPBz3y3SEjv67wY5O3j4E-jTKsWY4i8ySF5g7QU38pk_O5U5V88EWAkyq5gdKW1RhbzRNqcdhhAtIqTBZyxvbeNUCEYxTyBurTCZKtZr9pXKDwOkypSNg2NZkyFLlMtF9KHAsDL-7J06lEQRrbhdbkq8tdJ-FYEl68eDteV4N50KvkAamU4_y9r6kX-GHz9uCoqDNgDIE7Vg7iYDM8pHn0lvdHgDgW5szFoZEHZgcsmILqr39OvPQoGDdaqF55LluLUuN2gBmiLwSS_mU9ACMg2EDIG7iYMqqxeU0jX0Eg1KWvKNJBWrWOLeX14bntKCifpY7Iy1_jkynnKMcVEvvparpf6-4l_j1BDNjlEQlS5KuP7pk_iwe4NgYyRNmZ_-28b0D_AhNOfv_WFnmysNHwMPEUXkzKrTgcPKfc1p87Ag0GetCSJqekikHfHrsu9slz4Z8TcKeCjCiFThvGJ1nuhAUrtqD0zjCUZDHEB7r-_MZPHMRuI9vkTUL243ytjRqspqN7vA33vog9rt0DGnpf4wDRDjzit6n04hGKZ6i9_cjQsbGc9T3m2zFZzLsUtp7JSDwlYSM5D5m9WwcDp33kSKTVX-FYUCUczm-lXDgRX5Uyk-Bl5T69VrBDg0NL9iq6UM-JPeXsLReFvQIpsCTmpI3mxbsMlq7tXDMfb9u9LSV8BRb1tka4ldXbI2elKhNXgWQQwpM_kZ36jg2ku0TFW0059Lh82GfWKd9No6-Wb7QjvQHA7IAOs8SJzQrmj3sfjjm3UXwA1cekH3l53mf22M990TI_sSSNb8XEUMbiXDn59JL1iaDWZpCBS8ZWo08vxKhLyhupVT_CrwnUpO6ZwLLU7Xd-2OFzIi8zNe2MHxlGpQykmDitzhuOLZ5xeNjHzIicnRZ-esAFitcq11VV9yv9Z4H5EScqH9orxpjTerWHvXHahxtaWUAG--gu5TLxYFkYuPsDpO8rEmqyJYy3umv9LSt-vh_CbUZINVlhi3nWNSGByBH7rsTLfUzxN7UVewQN_l8EZhPb0Tf_gulcXxONJfK4r7QVM7-hugVus2aaJEo_HCqqhqElWUpiEhE6imuzqbufCtqkhK1f-kZQvLk_rZFEfZVBv0QgEeDvpDmwtdPeN1mNls0Qp3Zxee_iCzAsvYW7YeevxGQRI1tLxk7TzutXTFRf5TfAy8fm3GNqvPTtaSF-AABKQJ6RWPvOw1SNcs1TRKQAOa-TzY8L6HKHgRqtkQfdEkpLqnZemBW2Ni_pH05xSFUCVAQLtefcC-Tfz_5B70gRONXgb-BzNc3Wj5YEuC-uEany67vJ_dbtHctW5vjczpRBpWZ7apteGfSfV1gmB9oB_827peBZTzGPiAHlrYah1A0PmvUStKzHsEwQ68k8yfVx9KcCWxqiO8QjOf9TVw4FFQyPIJoF9MVjpoK_w-d2k546KOdAEMW6DhTIyKj-Urzh1SUl5rHoPYpcW23NcxMNQw8zGmzTl-giCyw4pAR_BRhdHFVPKFpK3Kx1KiK1ackb_95wesBra82IwtX3rNuT262XOZtI3aJMnri2ZBmR97hTB99iEt1Yn8DRwpD3RzTgoB6MpfQEWgHqFa0aNrUcFlIfABu5jjNVvCHOj-8iNPjgr48uEI5hLWxbIgXSEjuna1sBNuWOBY7AqA1JPzHg2ggiASUrPCFvZfZpGp4w5nmtzBezwQ737l5wJ3KQhnBrcweOas9Ivi0ugAwClPgz0bvkalVOUgCz8JpEfO71gqYrBxsyiAZx0jjuKe3Ag5PKEyZ4jWwcyvs4uxihkcKAYjI24KhUsTTwrYxoyl3957SQo_WpDzNzqa8b69Z_X3h6H1anXdfZytwAItDdmChTNDynOBfS518_DWxBHW8uLNy2WutooK8_j-1AyL2vE1F5HawXTHWXv4r847xUMsmFQdoH_E0sxH_HE3S0RlxKidpswOp_pK8EaBWSV7yHJtI-hX8PMyIJ52pH2O2H8Uffs0xLmVzy-PzoT047n6sdphqf2yAXqHdoWsPRzYu6mcLcGbzuMBUG126RTkUO8t9HXFSRGns69ELHpy0tpWRFigRJq011hbHCPP2W0xHDoQ4aEjJ1ZGc1Lkzbjux3OHHBuFQEEpeRdG7B4k9UXyW5FZByEeRc1fZmbKydj-x45RDpjhILBSxH2MkBdmJmkznPURqwBcDVc3jBFTS8FZuvP91mFkj1_Vv3c5NTDaE7Hb7q3DjAVpWPWajguc7K6AelzKUsd23N4GnDNap27ixjEJTY61REsc9eL4k31l6cwg-yVZ6w5y8WiWSYzVwVhLHiZEhpCBKnnMyGcxOLDOb5mgTR03Jv1fboEeabK4zbvnh4IaBjNzVIbUZQby6fZ4uN1vXMS2jvN8TZilI7K7RCsWGn1OsSFtKRs3h0SzBrSrD4zZsgmhlUCv9ajqwN1TAZZJxr-jEnaQqZ2-34Xq7U55q5G8AdJu2xSApToiRIdqXpaT_5luFoC-TaTqgn6FO_lY_W4y9PcOhRf7jrEZAln-OKcinB2JnIoGFPywphoslVcanEv4PlafD0cXOUWGU95iespd0lWSF78X66I13iGNqEVtZi2vfGglXStUr67wRCTGrsO3v4h5ynJsWDywYBzomt3O2zC9QqqIrKHUj90dNoRtrFxFcsOTtPZBiFBRHzii8c_wiQAsOAUIBhfcHgOUbMeYdXTUP5dW3gfASty8kN5RMbQFPUZ5J2xkxExzUzoTB7HiBs7BswiKeH5lAf-PTHOpt5wUuLuI7vnd2Foq6BrLioX4aW60OIUOYkOWxEwEJOvYxrZnJDTJvMOedWJuEhTE5rLEoYf4-5GCZntCvo7cDWXykTi3DqlVGJZiXgebHYuaeDMGOGApBojcUcAjmAdQIDeo8xL39Xlx2wrBGY6e3qqoxB7PiidBqAfrqE0Mt_xvPdSALXtX_1I0vPN3tziIJVd5Y-ZbC7NGpdc8cig08g3Xogk9eTM6sorVseop_DN6zYAb-Ik8W6d-OksAFq2OuJ4Kp0yNYIO6R6W--ce0ENw3SzTeEzeiahUluvI9v58KjYvXr44uAkXrs6fFz1SV1c99CwOXfCz9__VP3ssJ5uMwpfOZiRCBLvvH8YMAFOkJbUfhBAuA9U_tImDmvIX3bjtBUaQiqUSTHz2FD0zqCFMUq6COPgelG5YVNiXiDngTki6fFcBGcSafhzVQrvWFI2zIx6k8QS05EpaMALKUgjyK-DgArzAthu-rmh69Zu-f4n_ml8AQfcCOSaUd6AIZOH_28SY_S0N6gQoj0cfKr0qmSyQRVELxAI3YHZ4q6LDm2NTSV3YW9-zzW5ONoiqgd5HlY4BUbBr1WTfRzVvpSdcG2dY_1bGoFIScj6CzGmfjup0ATkEFkGvm1W_yJifGDgxaoTQp7NwvBrngXluh3Ie4KUvUFTloFgxSsKRd3VuWRRq2F6wXNgJnyEBFt22n0oUoWIVfchYy9O8Ssr1drzVcZRBFWjXufs28IE77qdOq1c1Hc9aCeharHf8Xi23rpLRRdswMzU7rKehWBek87AONdl39VAP0LpMIfz2AFaaDPfjNqmgs81l3VzNRo_o877wAsPKGIuiaO1PXBuDBV_S_pbzWg991z4YoavB7jVz2YEIdBAQbPBRH2vsGREbIn8CDHIPeKtUTSqfKyxu_m_Rfp8rvf6B0xxU1UCOOElGON8JkcvAzrUxgDsLNCOkVr9bx1_kpUOtDAJZgofORhVcbX32DOD9M&cid=CAQSTgAvHhf_GQtqz569Jf-N0HiGmCfjkwSIaULGeKNNvE3pl7hX-Q_j7SccQqUkCX0BYeD6krzmFKWfsFk1_rGTm0MfKHuXr7i3TTrh3I11_RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fheld24.ch%2F&ds=l&xdt=1&iif=1&cor=12508712737948238000&adk=2515327513&idt=155&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebc43233c3478ae63cd2e6761ac57cc58ed325ffd0ceb4ffa0f8f6d5d6582e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38964
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83E6 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5820193961933&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83E6 0
20 B 58ms
58ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5820193961933&version=m202309260101&ct=119&x=1&cor=14761453971653396000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 83E6 92 KB
38 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AT1BLs9Cp-l_gGiTKbKrXF8e0eJskrhD7RpQ1IyDEkzudyqXWz8PWgb5otTBqpwU1xDOWmG7sSA1j6skstTFEd5iyv3xKO_Y_T6wIQp8g18bKUpoBBqePKaVmwAielNA1vEok4-u1tZ451ph16-womZ-McpXDR4Vz2l7J9fC01ZoGVhWkVeOEYgGyXDaKTWnGdgBCM&cry=1&dbm_d=AKAmf-CZ6FGxGpC1MuZmXOoQwSC7hyL97o3TukY_KDWlMAzPADI3sUIgMCetJ4ry0abA91U7NpugH3sCKvf4gV94ilYYbP0nLX3-6aLr4u306GBhvKJfvkaX1SOwAgylCTdiZ6rxRIbdtuef6SbDGZiNh50jTJnGhjPvWUdMhcBlL6O0Ef4GQuF-JXaoHs-5HxQH1xRXUTduZhy6guAaaUPtmshrb4HSFru_HBYHcmjHBGP53cGrxs0mzMATfEFyJyPyMvGL23EAxJfVmEuX4_77U2LLkbwoVWGVo-OIU7qjraNpxPZkWGR9uysrywZHN-IDcuCE7z7wge-FSTAq-k-Loc1qVSLDO8WM7AQUQWweSzJB0HGc002xM5Ks4DFpClX8pIIgCBQ2PiG6waosNQPQo7rIrX8AxEtPoLHjD88wTKPXHTaRcn02sUZRO-ijJT2-cQUsHSgge4ERMfruK9RlFiexOeRPlX9hMQSfj3N-DzuRPhf626Cahnfqxxoo6iyE2aRNBigAbJRuOJkdccgKAQyX9l8HRQGmvcBJc3qoIbe8CnVIA3obg_POz-nvfPmYGRqTi3eDrUZaAZKbSotjagoRIRjiuJyPg6W8qbBjDW5Eu7gZSSHdgscISX659RqSq7BCTeeT7v1I4WOmix1D7hOtWjDHsamWFuOY6ZqcYg_RWJwwbJZJzg57KIMCnU7SeT-Qu_bCfMNPCPOjFMdSWEHuicZHqVK8MVn5h7ASNNq54sPwX2xQYVukwt9_Spn41Q9ArfycrGOPjWuqxi1MvO3QVe9LtpWkJDbGOrmqyoXwqcmVX3VwcMvDjno7eZueqUoiql_h0AntFPkaog2EBxxG0QaiMse_Xm9JQzmKMrpeWx9JXYF67skjKADAuN86B3bxZezz0MpiMwre8Ij1BXk-wzE21YITQryLNT01x8NtxU8mE22d60gUz5I9sm48qxt-rhvgv4q-XFMSTLPCeOQn2fcgiJm8c4QQtoAxLBUglxx1tm4t_ZZddyeftx_IVy9eXSViOifYaAbVOzr5PXeINJPRPr0Y1SCZ2xiKGdB-EIXxRPTTWpT5fKnu5KXxHw9daTviAUy7_AE1sHFr28fZe1dXrRu0bsIAEPkkTVuyKKlXKANrSdGPpq4d8DLJCsmVY6toRP5WEk3pdS2_0ifdoqMTeNdnV8nI6F9lG3Ab9toKfP0GkgG0uSb5rz4C7Ghd6E4B2stNN-iTCrRMQbfA3lMM1moDTzQ86qsoxlEhEvegDO8guTjPUmAsWfdIbN5xogDd8Ci3r240L2Ihn5arDaEu_nWLLeQVCuBzs5HJY2iqFXnD-ZZSXdfcJL4orNLY04rA0Dm2ZVsz_5MWYHA48DzXsAh00qFWx31NlS9h-mKIrZf2MYMiEPr8f2n6D9MkMqdfyFEqtjPOyEzj0B1FgjoBoHhkIREoOg12pyVnclfA_8NrWUGApbe8KZ3Uou9RR-FK6RpHe8oZ5CCK0itJ_VlwBaQvPabCwCUn-daWsEwmhWmF6dWupYQCKVhR8BK3G1E4rcMiDlV7e6FMKCZdoXNAo1ifv_selmjZ_K4VLXaCP3HJL27hyOzV-fi1_3X15IU3PIyPM3gd-3OV5ecjyrIwxMhFPRlb7KTMKqWiA1nUWjo-egr9mjbYw8rE1nnV30YwYVNuwzMmrKxxf5Kh03HoL6ZY5lq6SogyZx2nginVteQe37-yi-ee9vaxlLAH8O-4x-htbEDcw9fZrYIo6PRps1Ych63hENEUwCOcpJIkQSkPbKtIM7drK2vdqUTk0x4Y01zogCKUic9mlRCH3bMWywG43mGV0t-Rjvc3IbkPmyhiXzlBmQ3bVqL_G37jlZGDq-45tDuAPnwEcseeVMQwR6VhzUzjbZqzu2MRKcbOcQgU7onAXCb_xMBN8mjhtPgRxhGmTPqJf2rgwiPXVfbSFeHErPiJkP22Q9FoTOQGe0yEUf9wETp7fwICxX37ND_qb75Y_B4X97_76Me-bxKRC1N6W9NmpHFUbmz00Yl0ZkStWliNXxewsDGVqkOk-K1tZ-9m25YaHuR1g0fO3JoZbZgiRqp16Ud5QzR504R14O-fstLP6pHR7wZZ7WLevktpzRec3eISvLGxrpnV584JipfKeTtqO2OwVh1sO2VqJRr0ZEeuGeDvwow8Ek_d6RaAX8a7CCLePQ8kEJOuyQ8xgvIf8XWu1LQtUcHn0mNorjPud5C9u48HhLfEWZNfVFqZ0yT-r2YgCEGFwJAuz2CLh8BARIa3m6Xh4aKNywhnFXo09l6zYnafPHFUe6z3tDThUApA50C7X87imy6IWQNE_roayWmxM2QnPQuyPuh57Xr3SzkQtLN940gxgjDFqMHOrygfM5YbB4vEwXjHqX-X_bftt3PNWgRUpQ8QHuzdF-oBwcp1z72lJjlyH56Dl8zobHB-Rz-o9eVcfzXSXGNnRqNLNqScnFcuQDOWMIvIaaj2xFMLfN9M5tBK1ydlcFpzpq0Yu9qzVDmy2_ONDCY4F9nBh6WfOAmnSVOtI6suMZ3K2MOnoHkASEHVPiBPpUzuFfya8r_B7fn3JKYW9ivG4rJ0aVZ-5Z4mV-b7mw7sQBwxigtONjd-nc7QlcNNYmVlrRQ352do6NOql1M14CrORlo35-Hr2paMR0IsRXIAUtX3jX7aKKBq6E8yuHBZiQOOn-qIWV39goj-54_0S6Q7oxwbjFDaPEIz6DfV6zikl3t7Hrg2tgJPd9U7bvAsNle0r29ApMWihK774rHdaoC5NRDlF2Z4gikPDvoi8fFmqLIU5zHthClzJooMoAh9h7FzznO0M6WTxLxN8hr2jiUESFQjH1pIbz5l_isNClRDfCWCmfpFiJlirjSP866HHgCdqQ5jZdghW_HDTtzDDzqg4S74XRimwmdnEuU8oFHowAE0UBp1oUkQkzH-SQ5YMKIegJK6gpAD24P2i7rYoOBd3aVwMZGgdS-uvySryxT_vLxIJRXOGk8okSj10snOReX9zjc6I2QUr3k5ZDc57ApWpuiia-WObHiYKKSnpZmhIPYx5qIQ70gDW8riu9HQqWsVJn8i0rbmaaA29b_XxSqQDPgAIDNPjSc9w4yBtbQCZC8J9gQWapa1ZjNwiqqcBnL5pDTwmZxo-vpNEcpWxJNuG_gDqaCl7U7SanUNAsNViT2eyzmWm0Zw22fQRfXAIjNdUPxGcdGXTgA1cP5COulOydMh5fWg6LVUHTo4OpPkvCoV0Mn8zGsRMXg2QG5vmRpjjdeW1qtQQfsgzK4d438dYvgedT0omCJOcglJRbEgxfZ2lrCeS1lOWvBBSYf5dJw9XVxEnScSXULOXprc6AjK2PHRgVnOOyJrOc3M3yXRbhu9KRAg2N22ZYrMbBAr-PZ-Qr7VYn63srjaDfIh-H2nLZkU7zaot1Kmjtar9HO0R1r0qaLwf4fwJCQePwfR_HzHI682zQhCBMhNVDHWFkrgWBuyUzyDEEocNa1XylJ2Ro4Lq9PzhcFhlR6w6EXDXs0t2U_Dnz-FfpPNZyA6_f_4vtETt3ul7GFs4NDy6fSVb6DiF2YZkcxlnN_9kUWBJh-XaGuKtSMv344wZyLgj2DbhP7ayM0w5DVGS9glezsbRnvna9x6RBqjTMuutMQdH-Fyx8SJ4bV3Eg-aCC2jWIOWc-W71ykCYa-oA5TWqKOnrMZwRoWVigAH27CU1CafegAb3fSx0hio8iStl5CSXKfM8SGagxVxbQQCOwmr93ji96u80xdIX7WM520JVI5EYTF8hAc7bePGlWoN_APeRYMK8F7D06DVOsh-xPixrXQFQkl425aX6puXmCONo_85OfAYxROLMd7m49mU_2-WU9BbPMyP32QPWZSKC6PtGalN6iFk8Hgsap04oHYX5aPX0on2OMw6d4t115_YVWz7sAKsmXFoINZq6EjCCnE9qG1RFS87yeJj2crBvj0CygkUhHAPDqUsJq5bIph_cORnBNXhr4aKDG9ZtMTl0Q-BTLvtvEXbi7g0qPzRqtiRoyxDQfTokvCOQrEm0MM3QKvuOt9lh_jdplhQ-Xm-NP97gnuX0ZlQOhsjIu8cA11ix8MLG6Pnh1EVjJm3zBCi_Tcx6rbRQfDpsV0rJzutC9pzYCp2p9Hq3BIdIJ3us1-MeBYQOWmWYdTpUYX04iKvv0Rg3oGTKkiWQFuHbEsTHUximWSbUPEkkhawgadCYvJhgx-1NxZIegBA8kqlNEwG1gQJuDcXU1Mi4LF3gFiXw9WunpnhFNB98sP2prcx-lGBDomOgl6-_8Ye7H3clOTirdUpXXahjzSLmaSpOtivRLwOaggBNbU&cid=CAQSTgAvHhf_GQtqz569Jf-N0HiGmCfjkwSIaULGeKNNvE3pl7hX-Q_j7SccQqUkCX0BYeD6krzmFKWfsFk1_rGTm0MfKHuXr7i3TTrh3I11_RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fheld24.ch%2F&ds=l&xdt=1&iif=1&cor=14761453971653396000&adk=3062569611&idt=150&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73043fc759e9c46576434c2d2a1c61751437a69ba8c137b6a97be9b098fd28a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39121
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 40 KB
5 KB 79ms
33ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5360dc94380bd7d473bf4bbc2a7f6d5fcaede07a391f14ecb28a5df05c72e29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: Wed, 25 Dec 2024 07:05:02 GMT
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B50E 0
0 141ms
72ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssekJYEaFPiXV3BDcH75CHOCQy8uSRCzu-Q6-V2T3YbcloJBmSLOF-BYelqRazvNU6vNNVEaZwybZrEo7fx8ayXZrc_z-VNdTVYRFaXVhq3WlWp7s_xpLVI6hP-MWeHs5Z4Zwo-Tbx0BGrbJbUkTF4U3gNlCG1zG60Z7ortl2BCoYJJJBMOiurkifPS_zZ53ksNnWwaeskQy3uQxsnj_Wey1jVrO8tvFVRSMVqEyTiUj4z3HZgRSru9cf4UjEygwY-M0UiZGqcJEd1_UA2aLrETOfpNXIev9WddntjeQzBReikY2bWUeUiCNZ5dQieMnyvrsRjgcP4sWueCm-fcPVe7USiBSk4ly5kzcrrostlTaoIl0Oax7WwVADNc4xYhoCRvKQPlPhVogW_VZbLTpSyWGdXKyw2ALZFLJde3rLnj-D605FtSlhm6vaEQmwGlbLZdn7zdKQYC6ZccCcpca8PUCpp5L5x1M-0Xcn1JMEwDefYmL5U_XK5j8DLjwQyQEQFOQyW9bj6LHH4JRO_Ta1MgsHJUh7b8AflmLn4faY0wDYKHeCsQafw-k55YJaMCjyaJBrjP4rPppvUeVe7rKn6ZuDhSfaSpe-_LGEqS1c2coHgYqPnDV7l85X0giDN18kc1GiMjJy5iutfGG60TvKmxX7_aOA0A2IAYG8tRyk32BPbjhSh-JsvvsAKKww22qsjV96r0_iU_IWucjS1aJfYamj0AIZNno0OVCdjkXtcTyHuAKqzoksJCtmKe2jp6t5U7EChiKhYVjnswUs8YBjChbuvrpXjy36vsFVM5jxySdnE20Ec3yMeat5PEyIhXO5wch9F90YVcjtiCqiYGnoExR_VixIsmT3EksnaOAJ18ccsT3fNe4l0-pn9Cvw7-KhL--U7kwyrwHD2z3-8I_xfmD6Wk4LzJWfJYfqVB2XyOQ8H_dobwV5Jz23GEl5jqDfezuTvOUqxwxU1lFt_QD4ZNJVtutUzHsHG-enzMw9BmJWDIb02gfGUbqwPQqZ1dqd0mUMTnm3LPqto_FWfuHg1dhxYY7DEnC5W55C3OS1dc_u7tDt70yk-26ORQoJ0Cvmt6S0ggSqgsVYse7mw8jy1Wn0ySKvgkN0N_BUv-id1-20gzUzyv6Nzl4rXwHuHNObKQ28mr3gTqskTmYtj8l2FytJwvXPKlWhDEsAWyWf_42V4HG6frfKL_XwTsTTJ02f6LoON7Jp8SiKxf3du3xfhdNTV61GCO6LQJc7WZeqsXLIKlOIkW-H6xeLMhDU40BfPBGG2NDocm_Q32Angn_elOtc1XHa0JReqUGOulaRP6nIl-eD2uUrNDPs6NJiL_z11Lx-ZFMPxzjw2FqYe26qLIHYfp5DIeQd1206ShjcjdcrmP_LUKh4B7&sai=AMfl-YQdfWPMEZn9CbCmYbApkBISeNkmE0i-SPzbboKZWg2QHBJQHUiCbPxrpr4juU9mDHF7bgA3D2_IvSrhTyoh6cSUb9WXIRLUawDJd7M6G_ONL4TdDCSFowwNK4qdRsCb6sQT7gbdSsrgMRq7iCfM5Cl9hg6bQ8D9C0kzWDoqJ_5Qs-u5rWPBQQeVnsZlFIIMRzfmuepAJoHd3Pwpji4SWKVW645o-1cuozxy6KGhhxbODR_q60qa38n68K0tINLBnytnYXLgsRhjP5sH14C47X2RXE183vb2FPX8R1RH-gUCuvOHJSAkoCvg1I2fYi3hAVrFVuIqmqYpwS1y6zpxdxHKbCAZkKbfo_paUzR95uLBZI7Mt4ZE8FSjZHl4mxZ-UWxO0e5HZR9tPrxl2lQDZjOrjvO4smiCw0837OFYyc3_Nlbwdy1TlrRJAgroTnAgE2yMmHBuVfw9F9ORN6GgjXSAi-kWA9ZqSrjI2LeTHI7KzN0xUGsnVT0bbnQJ0wK6xqOKdw&sig=Cg0ArKJSzEX8JX4OhlVXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=178&cbvp=1&cstd=173&cisv=r20231207.05439&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 27C3 2 KB
3 KB 104ms
54ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jfes3zj08e34e8seenyed041y90j7ds1kzcdsn320gabjjmerqq742ydtg7jvkwtehmd6q51pexd8cgp3dta1ax6c98k6ggvgmwnfznjecw281qgt9sktd4hqa808z4zm75pcvnk23ncrqwg689rzandn38agg7q1vdvnv6e1s788dty839we4bg4mcpbqwqhpgvnkvj4c1sgqd622182h55rcfvewhfpvdp5htt69j7w89yhsy2znyqec6z72kajvrftrb0nvj4hbzmjjhbh97k6n815c35w5r90n6p4qhmshcgz1n1t4mekp99k438k7n8yc692nd0wewerh5desfcmqff884tn72km27p9069qagd74kp4hx6bxk0bz62vms6rqzw0jtd5r30tp8ckqh4wq6v1888dhjcapms8v21ndqj568904b0hsq63m31d2crsc62g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%26client%3Dca-pub-4525684120003226%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=1403818051&adf=3784560394&pi=t.aa~a.508635323~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=363x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

715054e2b63c0a104ab34f2d8edc9f72e20bf45b71098b022053d0dc645cfb7a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b7791bae193614-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 29DA 3 KB
1 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D681 1 KB
643 B 26ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 37507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 29DA 20 KB
8 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 29DA 0
0 90ms
32ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRd68Jcql2O-CmZDESSTc_PainUW7u-XbvkUBUlnbBqSX2K9yqdV6pYX7nxmcIwRyY2gec-P29R3n_54nOjypKkG9WyXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=1403818051&adf=3784560394&pi=t.aa~a.508635323~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=363x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29DA 203 KB
64 KB 117ms
113ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:02 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 7C15 2 KB
1 KB 94ms
55ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1khbc6085qxqbyvwghymzsnypth0t07c1n6qqtyvrdd632acmfej4dk060c6584bskfyzq59y7z7epetbne0rs27wke4q3cqnxqtyy63fk1jtbc27czntrnfrdfw5qp3ec1v2ta75q4n7k9xen6s9614qn97m1vj5xyky068v6e4w5jwv3p9aesbd6fwreav5kwb2k4tsta93zzg3n8br2j2kkd9jhnv3pwpp01zabheqemv5azq6t6p6rd1c049a02by572djekkjzc9x1apffh4ewzc107gdzwxch8gr7nef73qvvgs6mss3w8panwfgh84yv4zk5zd61w3f5gxemc0ax3vktanz6a2hky44w5aky0km9a37vt0gdw9531cpe4nka5ay6vh45tqp68ck5w4j3m8rzgrk4ndxj4fygssmg1snfk2hqk0bmtbaa41h8rt9eftr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%26client%3Dca-pub-4525684120003226%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=3303847354&adf=1582290432&pi=t.aa~a.1227727605~rp.4&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280&nras=3&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9197d73a9972e30740497c820689b4e863a7f5ea265ee5efd1f617f6260ddfc3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b7791bae1e3614-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B8D1 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4E28 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 37507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame B8D1 20 KB
8 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B8D1 0
0 78ms
33ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSK3EQB6X7YFSFAfgEYvtYafC6MVV0z_JJn0MQJ40TqFaLGYJYQoM1skJJpQLUDB2dE5xURDrNxFZn_KTVRJnCgfA8FWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=3303847354&adf=1582290432&pi=t.aa~a.1227727605~rp.4&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280&nras=3&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8D1 203 KB
64 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:02 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 32C9 2 KB
1 KB 85ms
62ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gjdpfkd8nhgsgygpp1t0gsacyjt6hyafpmbrgngq1mdb191bnatg8bew0v5rdzpv3cpxpzww8kg6nh10zvh2t01w8vy7b2n65bnan4t9j292m4zq3qy1ytqyecm6sy5cx6cmzvedw4r3n7frbjwr0htw6pnew5cem2xefv9vxdknx1f1y4nyaxcxcrndmj3jrs9v98hwh8ys9qj43njasdq5ykd1vgmm147s3740akbm4pa08cmter508v8s733sw02ckmpazeykj66r7szae7nxdfjftsnd0d5b2wd4w58mpbczeyrb3dd07g7hy8x46xecw97v6x3ggdx1ep8nk11nqqytqfw04qgdmaw5xfxya9ft9x1gzamcybaww97eqrfyyenfhkxbv48s6dege7x8je2mgs9n62cqzeawje2abetyr3yhfepe7asd95zfg345hzp7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%26client%3Dca-pub-4525684120003226%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=2492854786&adf=113491572&pi=t.aa~a.4074808907~rp.1&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280%2C321x250&nras=6&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=117

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f63e133d6c8913624670c7df93ba3ce2aa5870c5e69bc62a983ddb452d3290fe

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b7791bae1a3614-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A7DA 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C901 1 KB
643 B 24ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 37507
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A7DA 20 KB
8 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18642
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A7DA 0
0 63ms
33ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwmT-fOk8NWkRrbbT1TXB14rDvmzQj6Bxj1FXY0n_MU65yAq35NPWlFIwn6cYhrmJGCPBEYnzeqp8eehfDdRwIE1EHzw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=2492854786&adf=113491572&pi=t.aa~a.4074808907~rp.1&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280%2C321x250&nras=6&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7DA 203 KB
64 KB 101ms
100ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:02 GMT

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame CC0E 2 KB
1 KB 69ms
56ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1jc0ngz3as7czqwbh3vdamdaewqy7a0j18tn7yw44dpsrtr8b2zb1snye9h2582g3emgxx0das00spr7a0yekq010yzjxq1bbrjbfdyfyb1dmr17q2t7712j1rgambpnfxx37sarkx8x7z1zmfjrrrx988mbz6hq7fv8v5angzzch9k6wsmnv9vrmfb0gaay55e8txc2k7350pwje03m20jt4b81dzepa75fj1cfd8q6yrhzxvw6n6jtpsdwjsk5fy0k89622b80gf1t36cq2qdb8be76kee6m1d6qctyx3fbxmafsys3j3dvb2k6zhnref8awx0kr9pntej37pprk19nem1j08hjev5fh8a2hntdzeqgpkdctswpsfebt6am4j530g715r5607py271d4n5byx74ms5h25wz40y14mzedzmdxj69yme98r9w45n8tec68cfyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%26client%3Dca-pub-4525684120003226%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=280808517&adf=501350246&pi=t.aa~a.3437311115~rp.3&w=384&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=384x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280&nras=4&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=615&ady=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

982c8e5b88d12c2a906130391925d23ff6a6533c16111f9c81234fbd0f7ec613

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b7791bae1c3614-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E1A 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:41:59 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8CD4 1 KB
643 B 25ms
24ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 37508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 9E1A 20 KB
8 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9E1A 0
0 52ms
32ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQymakVEZ8aXibXk7GDeg0RC19xgw4RHRUe5d9Vxi10T5_mJhpOBWtECCg7OQ3mTpDtR2W8s2ZDIjwfCdEgJeUUPDyT7Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=280808517&adf=501350246&pi=t.aa~a.3437311115~rp.3&w=384&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=384x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280&nras=4&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=615&ady=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E1A 203 KB
64 KB 92ms
90ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 07:05:02 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 9982 172 KB
60 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 9982 11 KB
4 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DVhVqwY6FU2eVRFnS3MKXBDi6bwPZRXg3MPnjUwlvK71mD9H1pGJl2r_cuDAz55dqQB1Em8CHN-M4a71jtrm9AWhl1gsRpWqy7v79UV9E9wx7h1ev5u6seaEvJ4juTvQhMdrihYI9Lo9ao5eooC_T_quhopI52ordz0QGPOJDIQAptgR8uM3NtgClIhaGAewm3bfVm&cry=1&dbm_d=AKAmf-B8Zk1pCNp3T-LEM46qjlsxfYXoyhY8Zt8B9XJxUCmvq61nfp3CV7bJ8QMv35PLCIrxdhHBQLHbLO3S2PCLwc3TRN1T-dtnRAg-sByDcVusIVYAfw4STQK_kNdtQDiM6CG_aHCMcx3Vstmzkrbeyh17VyUv3TVe-l7gBFIiMEKTEAYtuRmjmznr0O4sdv3BIg1PCMl-rhEeHoISH6crOP8KEbsOLsm7RWLZvFlHCVaMwUNwi5AFbkL5CAzC8KNRvUvgv8oOp34xy17aqH0lqmzfjBcrxEQTQ5WrsO__uJbI6xKyCAhYni5H-Qgyk5o3_iAN6AGv-ZwAFgty8jI92xzVBRVDwY1AfS2Wf76ccLxc9yCMCgfddGzPOr_bMAxNMLVLNO7uaTLxp21XJhJBH0OOW5siITPPJn-XxUxYVZNwKb7OVPiQcEknQyUi7AYtyndW3En-2yfENtfa9xOg-5dAWsMCjM-OjMaa14_SHI-OeRkhsX5YwK72TSHOtUx5MnWmRFJTXOA_k67SRKeGOfc-SG66Dcbgq_qv6Og9Nv2dKwuTTE3Pa9_JzH_-SvuvPBz3y3SEjv67wY5O3j4E-jTKsWY4i8ySF5g7QU38pk_O5U5V88EWAkyq5gdKW1RhbzRNqcdhhAtIqTBZyxvbeNUCEYxTyBurTCZKtZr9pXKDwOkypSNg2NZkyFLlMtF9KHAsDL-7J06lEQRrbhdbkq8tdJ-FYEl68eDteV4N50KvkAamU4_y9r6kX-GHz9uCoqDNgDIE7Vg7iYDM8pHn0lvdHgDgW5szFoZEHZgcsmILqr39OvPQoGDdaqF55LluLUuN2gBmiLwSS_mU9ACMg2EDIG7iYMqqxeU0jX0Eg1KWvKNJBWrWOLeX14bntKCifpY7Iy1_jkynnKMcVEvvparpf6-4l_j1BDNjlEQlS5KuP7pk_iwe4NgYyRNmZ_-28b0D_AhNOfv_WFnmysNHwMPEUXkzKrTgcPKfc1p87Ag0GetCSJqekikHfHrsu9slz4Z8TcKeCjCiFThvGJ1nuhAUrtqD0zjCUZDHEB7r-_MZPHMRuI9vkTUL243ytjRqspqN7vA33vog9rt0DGnpf4wDRDjzit6n04hGKZ6i9_cjQsbGc9T3m2zFZzLsUtp7JSDwlYSM5D5m9WwcDp33kSKTVX-FYUCUczm-lXDgRX5Uyk-Bl5T69VrBDg0NL9iq6UM-JPeXsLReFvQIpsCTmpI3mxbsMlq7tXDMfb9u9LSV8BRb1tka4ldXbI2elKhNXgWQQwpM_kZ36jg2ku0TFW0059Lh82GfWKd9No6-Wb7QjvQHA7IAOs8SJzQrmj3sfjjm3UXwA1cekH3l53mf22M990TI_sSSNb8XEUMbiXDn59JL1iaDWZpCBS8ZWo08vxKhLyhupVT_CrwnUpO6ZwLLU7Xd-2OFzIi8zNe2MHxlGpQykmDitzhuOLZ5xeNjHzIicnRZ-esAFitcq11VV9yv9Z4H5EScqH9orxpjTerWHvXHahxtaWUAG--gu5TLxYFkYuPsDpO8rEmqyJYy3umv9LSt-vh_CbUZINVlhi3nWNSGByBH7rsTLfUzxN7UVewQN_l8EZhPb0Tf_gulcXxONJfK4r7QVM7-hugVus2aaJEo_HCqqhqElWUpiEhE6imuzqbufCtqkhK1f-kZQvLk_rZFEfZVBv0QgEeDvpDmwtdPeN1mNls0Qp3Zxee_iCzAsvYW7YeevxGQRI1tLxk7TzutXTFRf5TfAy8fm3GNqvPTtaSF-AABKQJ6RWPvOw1SNcs1TRKQAOa-TzY8L6HKHgRqtkQfdEkpLqnZemBW2Ni_pH05xSFUCVAQLtefcC-Tfz_5B70gRONXgb-BzNc3Wj5YEuC-uEany67vJ_dbtHctW5vjczpRBpWZ7apteGfSfV1gmB9oB_827peBZTzGPiAHlrYah1A0PmvUStKzHsEwQ68k8yfVx9KcCWxqiO8QjOf9TVw4FFQyPIJoF9MVjpoK_w-d2k546KOdAEMW6DhTIyKj-Urzh1SUl5rHoPYpcW23NcxMNQw8zGmzTl-giCyw4pAR_BRhdHFVPKFpK3Kx1KiK1ackb_95wesBra82IwtX3rNuT262XOZtI3aJMnri2ZBmR97hTB99iEt1Yn8DRwpD3RzTgoB6MpfQEWgHqFa0aNrUcFlIfABu5jjNVvCHOj-8iNPjgr48uEI5hLWxbIgXSEjuna1sBNuWOBY7AqA1JPzHg2ggiASUrPCFvZfZpGp4w5nmtzBezwQ737l5wJ3KQhnBrcweOas9Ivi0ugAwClPgz0bvkalVOUgCz8JpEfO71gqYrBxsyiAZx0jjuKe3Ag5PKEyZ4jWwcyvs4uxihkcKAYjI24KhUsTTwrYxoyl3957SQo_WpDzNzqa8b69Z_X3h6H1anXdfZytwAItDdmChTNDynOBfS518_DWxBHW8uLNy2WutooK8_j-1AyL2vE1F5HawXTHWXv4r847xUMsmFQdoH_E0sxH_HE3S0RlxKidpswOp_pK8EaBWSV7yHJtI-hX8PMyIJ52pH2O2H8Uffs0xLmVzy-PzoT047n6sdphqf2yAXqHdoWsPRzYu6mcLcGbzuMBUG126RTkUO8t9HXFSRGns69ELHpy0tpWRFigRJq011hbHCPP2W0xHDoQ4aEjJ1ZGc1Lkzbjux3OHHBuFQEEpeRdG7B4k9UXyW5FZByEeRc1fZmbKydj-x45RDpjhILBSxH2MkBdmJmkznPURqwBcDVc3jBFTS8FZuvP91mFkj1_Vv3c5NTDaE7Hb7q3DjAVpWPWajguc7K6AelzKUsd23N4GnDNap27ixjEJTY61REsc9eL4k31l6cwg-yVZ6w5y8WiWSYzVwVhLHiZEhpCBKnnMyGcxOLDOb5mgTR03Jv1fboEeabK4zbvnh4IaBjNzVIbUZQby6fZ4uN1vXMS2jvN8TZilI7K7RCsWGn1OsSFtKRs3h0SzBrSrD4zZsgmhlUCv9ajqwN1TAZZJxr-jEnaQqZ2-34Xq7U55q5G8AdJu2xSApToiRIdqXpaT_5luFoC-TaTqgn6FO_lY_W4y9PcOhRf7jrEZAln-OKcinB2JnIoGFPywphoslVcanEv4PlafD0cXOUWGU95iespd0lWSF78X66I13iGNqEVtZi2vfGglXStUr67wRCTGrsO3v4h5ynJsWDywYBzomt3O2zC9QqqIrKHUj90dNoRtrFxFcsOTtPZBiFBRHzii8c_wiQAsOAUIBhfcHgOUbMeYdXTUP5dW3gfASty8kN5RMbQFPUZ5J2xkxExzUzoTB7HiBs7BswiKeH5lAf-PTHOpt5wUuLuI7vnd2Foq6BrLioX4aW60OIUOYkOWxEwEJOvYxrZnJDTJvMOedWJuEhTE5rLEoYf4-5GCZntCvo7cDWXykTi3DqlVGJZiXgebHYuaeDMGOGApBojcUcAjmAdQIDeo8xL39Xlx2wrBGY6e3qqoxB7PiidBqAfrqE0Mt_xvPdSALXtX_1I0vPN3tziIJVd5Y-ZbC7NGpdc8cig08g3Xogk9eTM6sorVseop_DN6zYAb-Ik8W6d-OksAFq2OuJ4Kp0yNYIO6R6W--ce0ENw3SzTeEzeiahUluvI9v58KjYvXr44uAkXrs6fFz1SV1c99CwOXfCz9__VP3ssJ5uMwpfOZiRCBLvvH8YMAFOkJbUfhBAuA9U_tImDmvIX3bjtBUaQiqUSTHz2FD0zqCFMUq6COPgelG5YVNiXiDngTki6fFcBGcSafhzVQrvWFI2zIx6k8QS05EpaMALKUgjyK-DgArzAthu-rmh69Zu-f4n_ml8AQfcCOSaUd6AIZOH_28SY_S0N6gQoj0cfKr0qmSyQRVELxAI3YHZ4q6LDm2NTSV3YW9-zzW5ONoiqgd5HlY4BUbBr1WTfRzVvpSdcG2dY_1bGoFIScj6CzGmfjup0ATkEFkGvm1W_yJifGDgxaoTQp7NwvBrngXluh3Ie4KUvUFTloFgxSsKRd3VuWRRq2F6wXNgJnyEBFt22n0oUoWIVfchYy9O8Ssr1drzVcZRBFWjXufs28IE77qdOq1c1Hc9aCeharHf8Xi23rpLRRdswMzU7rKehWBek87AONdl39VAP0LpMIfz2AFaaDPfjNqmgs81l3VzNRo_o877wAsPKGIuiaO1PXBuDBV_S_pbzWg991z4YoavB7jVz2YEIdBAQbPBRH2vsGREbIn8CDHIPeKtUTSqfKyxu_m_Rfp8rvf6B0xxU1UCOOElGON8JkcvAzrUxgDsLNCOkVr9bx1_kpUOtDAJZgofORhVcbX32DOD9M&cid=CAQSTgAvHhf_GQtqz569Jf-N0HiGmCfjkwSIaULGeKNNvE3pl7hX-Q_j7SccQqUkCX0BYeD6krzmFKWfsFk1_rGTm0MfKHuXr7i3TTrh3I11_RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fheld24.ch%2F&ds=l&xdt=1&iif=1&cor=12508712737948238000&adk=2515327513&idt=155&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 03:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 03:36:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 9982 31 KB
12 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 9982 41 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 83E6 172 KB
60 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26158
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 83E6 11 KB
4 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AT1BLs9Cp-l_gGiTKbKrXF8e0eJskrhD7RpQ1IyDEkzudyqXWz8PWgb5otTBqpwU1xDOWmG7sSA1j6skstTFEd5iyv3xKO_Y_T6wIQp8g18bKUpoBBqePKaVmwAielNA1vEok4-u1tZ451ph16-womZ-McpXDR4Vz2l7J9fC01ZoGVhWkVeOEYgGyXDaKTWnGdgBCM&cry=1&dbm_d=AKAmf-CZ6FGxGpC1MuZmXOoQwSC7hyL97o3TukY_KDWlMAzPADI3sUIgMCetJ4ry0abA91U7NpugH3sCKvf4gV94ilYYbP0nLX3-6aLr4u306GBhvKJfvkaX1SOwAgylCTdiZ6rxRIbdtuef6SbDGZiNh50jTJnGhjPvWUdMhcBlL6O0Ef4GQuF-JXaoHs-5HxQH1xRXUTduZhy6guAaaUPtmshrb4HSFru_HBYHcmjHBGP53cGrxs0mzMATfEFyJyPyMvGL23EAxJfVmEuX4_77U2LLkbwoVWGVo-OIU7qjraNpxPZkWGR9uysrywZHN-IDcuCE7z7wge-FSTAq-k-Loc1qVSLDO8WM7AQUQWweSzJB0HGc002xM5Ks4DFpClX8pIIgCBQ2PiG6waosNQPQo7rIrX8AxEtPoLHjD88wTKPXHTaRcn02sUZRO-ijJT2-cQUsHSgge4ERMfruK9RlFiexOeRPlX9hMQSfj3N-DzuRPhf626Cahnfqxxoo6iyE2aRNBigAbJRuOJkdccgKAQyX9l8HRQGmvcBJc3qoIbe8CnVIA3obg_POz-nvfPmYGRqTi3eDrUZaAZKbSotjagoRIRjiuJyPg6W8qbBjDW5Eu7gZSSHdgscISX659RqSq7BCTeeT7v1I4WOmix1D7hOtWjDHsamWFuOY6ZqcYg_RWJwwbJZJzg57KIMCnU7SeT-Qu_bCfMNPCPOjFMdSWEHuicZHqVK8MVn5h7ASNNq54sPwX2xQYVukwt9_Spn41Q9ArfycrGOPjWuqxi1MvO3QVe9LtpWkJDbGOrmqyoXwqcmVX3VwcMvDjno7eZueqUoiql_h0AntFPkaog2EBxxG0QaiMse_Xm9JQzmKMrpeWx9JXYF67skjKADAuN86B3bxZezz0MpiMwre8Ij1BXk-wzE21YITQryLNT01x8NtxU8mE22d60gUz5I9sm48qxt-rhvgv4q-XFMSTLPCeOQn2fcgiJm8c4QQtoAxLBUglxx1tm4t_ZZddyeftx_IVy9eXSViOifYaAbVOzr5PXeINJPRPr0Y1SCZ2xiKGdB-EIXxRPTTWpT5fKnu5KXxHw9daTviAUy7_AE1sHFr28fZe1dXrRu0bsIAEPkkTVuyKKlXKANrSdGPpq4d8DLJCsmVY6toRP5WEk3pdS2_0ifdoqMTeNdnV8nI6F9lG3Ab9toKfP0GkgG0uSb5rz4C7Ghd6E4B2stNN-iTCrRMQbfA3lMM1moDTzQ86qsoxlEhEvegDO8guTjPUmAsWfdIbN5xogDd8Ci3r240L2Ihn5arDaEu_nWLLeQVCuBzs5HJY2iqFXnD-ZZSXdfcJL4orNLY04rA0Dm2ZVsz_5MWYHA48DzXsAh00qFWx31NlS9h-mKIrZf2MYMiEPr8f2n6D9MkMqdfyFEqtjPOyEzj0B1FgjoBoHhkIREoOg12pyVnclfA_8NrWUGApbe8KZ3Uou9RR-FK6RpHe8oZ5CCK0itJ_VlwBaQvPabCwCUn-daWsEwmhWmF6dWupYQCKVhR8BK3G1E4rcMiDlV7e6FMKCZdoXNAo1ifv_selmjZ_K4VLXaCP3HJL27hyOzV-fi1_3X15IU3PIyPM3gd-3OV5ecjyrIwxMhFPRlb7KTMKqWiA1nUWjo-egr9mjbYw8rE1nnV30YwYVNuwzMmrKxxf5Kh03HoL6ZY5lq6SogyZx2nginVteQe37-yi-ee9vaxlLAH8O-4x-htbEDcw9fZrYIo6PRps1Ych63hENEUwCOcpJIkQSkPbKtIM7drK2vdqUTk0x4Y01zogCKUic9mlRCH3bMWywG43mGV0t-Rjvc3IbkPmyhiXzlBmQ3bVqL_G37jlZGDq-45tDuAPnwEcseeVMQwR6VhzUzjbZqzu2MRKcbOcQgU7onAXCb_xMBN8mjhtPgRxhGmTPqJf2rgwiPXVfbSFeHErPiJkP22Q9FoTOQGe0yEUf9wETp7fwICxX37ND_qb75Y_B4X97_76Me-bxKRC1N6W9NmpHFUbmz00Yl0ZkStWliNXxewsDGVqkOk-K1tZ-9m25YaHuR1g0fO3JoZbZgiRqp16Ud5QzR504R14O-fstLP6pHR7wZZ7WLevktpzRec3eISvLGxrpnV584JipfKeTtqO2OwVh1sO2VqJRr0ZEeuGeDvwow8Ek_d6RaAX8a7CCLePQ8kEJOuyQ8xgvIf8XWu1LQtUcHn0mNorjPud5C9u48HhLfEWZNfVFqZ0yT-r2YgCEGFwJAuz2CLh8BARIa3m6Xh4aKNywhnFXo09l6zYnafPHFUe6z3tDThUApA50C7X87imy6IWQNE_roayWmxM2QnPQuyPuh57Xr3SzkQtLN940gxgjDFqMHOrygfM5YbB4vEwXjHqX-X_bftt3PNWgRUpQ8QHuzdF-oBwcp1z72lJjlyH56Dl8zobHB-Rz-o9eVcfzXSXGNnRqNLNqScnFcuQDOWMIvIaaj2xFMLfN9M5tBK1ydlcFpzpq0Yu9qzVDmy2_ONDCY4F9nBh6WfOAmnSVOtI6suMZ3K2MOnoHkASEHVPiBPpUzuFfya8r_B7fn3JKYW9ivG4rJ0aVZ-5Z4mV-b7mw7sQBwxigtONjd-nc7QlcNNYmVlrRQ352do6NOql1M14CrORlo35-Hr2paMR0IsRXIAUtX3jX7aKKBq6E8yuHBZiQOOn-qIWV39goj-54_0S6Q7oxwbjFDaPEIz6DfV6zikl3t7Hrg2tgJPd9U7bvAsNle0r29ApMWihK774rHdaoC5NRDlF2Z4gikPDvoi8fFmqLIU5zHthClzJooMoAh9h7FzznO0M6WTxLxN8hr2jiUESFQjH1pIbz5l_isNClRDfCWCmfpFiJlirjSP866HHgCdqQ5jZdghW_HDTtzDDzqg4S74XRimwmdnEuU8oFHowAE0UBp1oUkQkzH-SQ5YMKIegJK6gpAD24P2i7rYoOBd3aVwMZGgdS-uvySryxT_vLxIJRXOGk8okSj10snOReX9zjc6I2QUr3k5ZDc57ApWpuiia-WObHiYKKSnpZmhIPYx5qIQ70gDW8riu9HQqWsVJn8i0rbmaaA29b_XxSqQDPgAIDNPjSc9w4yBtbQCZC8J9gQWapa1ZjNwiqqcBnL5pDTwmZxo-vpNEcpWxJNuG_gDqaCl7U7SanUNAsNViT2eyzmWm0Zw22fQRfXAIjNdUPxGcdGXTgA1cP5COulOydMh5fWg6LVUHTo4OpPkvCoV0Mn8zGsRMXg2QG5vmRpjjdeW1qtQQfsgzK4d438dYvgedT0omCJOcglJRbEgxfZ2lrCeS1lOWvBBSYf5dJw9XVxEnScSXULOXprc6AjK2PHRgVnOOyJrOc3M3yXRbhu9KRAg2N22ZYrMbBAr-PZ-Qr7VYn63srjaDfIh-H2nLZkU7zaot1Kmjtar9HO0R1r0qaLwf4fwJCQePwfR_HzHI682zQhCBMhNVDHWFkrgWBuyUzyDEEocNa1XylJ2Ro4Lq9PzhcFhlR6w6EXDXs0t2U_Dnz-FfpPNZyA6_f_4vtETt3ul7GFs4NDy6fSVb6DiF2YZkcxlnN_9kUWBJh-XaGuKtSMv344wZyLgj2DbhP7ayM0w5DVGS9glezsbRnvna9x6RBqjTMuutMQdH-Fyx8SJ4bV3Eg-aCC2jWIOWc-W71ykCYa-oA5TWqKOnrMZwRoWVigAH27CU1CafegAb3fSx0hio8iStl5CSXKfM8SGagxVxbQQCOwmr93ji96u80xdIX7WM520JVI5EYTF8hAc7bePGlWoN_APeRYMK8F7D06DVOsh-xPixrXQFQkl425aX6puXmCONo_85OfAYxROLMd7m49mU_2-WU9BbPMyP32QPWZSKC6PtGalN6iFk8Hgsap04oHYX5aPX0on2OMw6d4t115_YVWz7sAKsmXFoINZq6EjCCnE9qG1RFS87yeJj2crBvj0CygkUhHAPDqUsJq5bIph_cORnBNXhr4aKDG9ZtMTl0Q-BTLvtvEXbi7g0qPzRqtiRoyxDQfTokvCOQrEm0MM3QKvuOt9lh_jdplhQ-Xm-NP97gnuX0ZlQOhsjIu8cA11ix8MLG6Pnh1EVjJm3zBCi_Tcx6rbRQfDpsV0rJzutC9pzYCp2p9Hq3BIdIJ3us1-MeBYQOWmWYdTpUYX04iKvv0Rg3oGTKkiWQFuHbEsTHUximWSbUPEkkhawgadCYvJhgx-1NxZIegBA8kqlNEwG1gQJuDcXU1Mi4LF3gFiXw9WunpnhFNB98sP2prcx-lGBDomOgl6-_8Ye7H3clOTirdUpXXahjzSLmaSpOtivRLwOaggBNbU&cid=CAQSTgAvHhf_GQtqz569Jf-N0HiGmCfjkwSIaULGeKNNvE3pl7hX-Q_j7SccQqUkCX0BYeD6krzmFKWfsFk1_rGTm0MfKHuXr7i3TTrh3I11_RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fheld24.ch%2F&ds=l&xdt=1&iif=1&cor=14761453971653396000&adk=3062569611&idt=150&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 03:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 09 Jan 2024 03:36:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 83E6 31 KB
12 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37355
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 83E6 41 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 305994
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 18:05:08 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7E94 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 55 B
104 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 04:46:12 GMT
date: Tue, 26 Dec 2023 04:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8330
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 731 B
264 B 32ms
30ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:01:06 GMT
date: Tue, 19 Dec 2023 09:01:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597836
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 24 B
73 B 31ms
29ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 03:20:57 GMT
date: Tue, 26 Dec 2023 03:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 303 B
203 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:05:23 GMT
date: Tue, 19 Dec 2023 09:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 26 B
75 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:02:13 GMT
date: Tue, 19 Dec 2023 09:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597769
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 157 B
145 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 08:54:11 GMT
date: Tue, 19 Dec 2023 08:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598251
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 20 KB
6 KB 48ms
46ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 04:00:41 GMT
date: Tue, 26 Dec 2023 04:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6266
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 3 KB
1 KB 42ms
41ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 05:32:11 GMT
date: Mon, 25 Dec 2023 05:32:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 8 KB
3 KB 47ms
45ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 20:28:04 GMT
date: Mon, 25 Dec 2023 20:28:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3136
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 902D 120 KB
41 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 12:23:29 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 13 KB
4 KB 45ms
44ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 15:55:36 GMT
date: Tue, 19 Dec 2023 15:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 572966
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4427
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 5 KB
2 KB 43ms
42ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 04:46:12 GMT
date: Tue, 26 Dec 2023 04:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8330
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 1 KB
620 B 44ms
43ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 08:29:25 GMT
date: Fri, 22 Dec 2023 08:29:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340537
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 4 KB
2 KB 41ms
40ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 08:58:34 GMT
date: Tue, 19 Dec 2023 08:58:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597988
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1725
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 3 KB
1 KB 49ms
48ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:05:23 GMT
date: Tue, 19 Dec 2023 09:05:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1355
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 3 KB
1 KB 50ms
48ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 04:25:03 GMT
date: Sat, 23 Dec 2023 04:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1485
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 5 KB
2 KB 55ms
53ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 18:48:52 GMT
date: Mon, 25 Dec 2023 18:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44170
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd-text-fitting.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 5 KB
2 KB 57ms
55ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwd-text-fitting.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 15:55:36 GMT
date: Mon, 25 Dec 2023 15:55:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2038
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 22 KB
9 KB 50ms
49ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdae14000f409e929efc6f3cfd785b90a939d22044705a48f1a3b5074620fc12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 07:32:52 GMT
date: Tue, 19 Dec 2023 07:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8917
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 29DA 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05c1e66033df62911f38a773dcb6b74fc4364dfb5dbba2a934c7d85765767b3d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B8D1 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41f6d8ee6b8bf9c45239c2a59ac26b2025ebb2d9e1d0dff436294d0f5bded646

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPJIUEyzLR4kZQ3axh6WSZs&google_push=AXcoOmRdvnPVkBuhRzRBbcG-OksXBQ6EEC4jEVXy3goTJuqengwO9m7BDu...

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPJIUEyzLR4kZQ3axh6WSZs&google_push=AXcoOmRdvnPVkBuhRzRBbcG-OksXBQ6EEC4jEVXy3goTJuqengwO9m7BDu48JH-qaZm67G_srjWmL_TOUm6IoLpe15O7anb2PWY88kU

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-mxp6959-MXP
pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1703574302.144165,VS0,VE97
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPJIUEyzLR4kZQ3axh6WSZs&google_push=AXcoOmRdvnPVkBuhRzRBbcG-OksXBQ6EEC4jEVXy3goTJuqengwO9m7BDu48JH-qaZm67G_srjWmL_TOUm6IoLpe15O7anb2PWY88kU
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEMM29nOFynNPduEFvPVIvCI&google_cver=1&google_push=AXcoOmS_kXlqPjJI-mDybN-pgZSSGcbwWgfQ0Wjc21aPGJ5J7tWCY3yce4Qg7B_dvVlEw7HTfZ53i...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS_kXlqPjJI-mDybN-pgZSSGcbwWgfQ0Wjc21aPGJ5J7tWCY3yce4Qg7B_dvVlEw7HTfZ53iRHTjY-zyP0Jifg-UxMbsGvTJkM

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS_kXlqPjJI-mDybN-pgZSSGcbwWgfQ0Wjc21aPGJ5J7tWCY3yce4Qg7B_dvVlEw7HTfZ53iRHTjY-zyP0Jifg-UxMbsGvTJkM

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 26 Dec 2023 07:05:02 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 638794A7BCCE4513AD9A0A7DB480FF90 Ref B: FRAEDGE1514 Ref C: 2023-12-26T07:05:02Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmS_kXlqPjJI-mDybN-pgZSSGcbwWgfQ0Wjc21aPGJ5J7tWCY3yce4Qg7B_dvVlEw7HTfZ53iRHTjY-zyP0Jifg-UxMbsGvTJkM
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYNZE0hcWGf/5vhKIR1Kw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPocpA1QHXArspNnMvw8V7M&google_cver=1&google_push=AXcoOmQNsiFCfGayGoWBYt3Zm3PPTVKke1e7s2iuWo7io6M5l5vfC_186TpUIHH3pBFJofCNwL0iFJsOsAQYSVQnTI1vbLS...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQNsiFCfGayGoWBYt3Zm3PPTVKke1e7s2iuWo7io6M5l5vfC_186TpUIHH3pBFJofCNwL0iFJsOsAQYSVQnTI1vbLSJZRU-PA&google_hm=eS1UTXpjTXRKRTJwR0ta...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQNsiFCfGayGoWBYt3Zm3PPTVKke1e7s2iuWo7io6M5l5vfC_186TpUIHH3pBFJofCNwL0iFJsOsAQYSVQnTI1vbLSJZRU-PA&google_hm=eS1UTXpjTXRKRTJwR0taSW5ZbXEwdm5BZlBZbGd1c2pYMX5B

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 26 Dec 2023 07:05:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQNsiFCfGayGoWBYt3Zm3PPTVKke1e7s2iuWo7io6M5l5vfC_186TpUIHH3pBFJofCNwL0iFJsOsAQYSVQnTI1vbLSJZRU-PA&google_hm=eS1UTXpjTXRKRTJwR0taSW5ZbXEwdm5BZlBZbGd1c2pYMX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOZrEoZivwZpWDyE9YqpuV4&google_cver=1&google_push=AXcoOmSKFgHtDH_-igINyM14UAASSYDp6iTTQPGyMJs6vIgsZwcHzZm1OsncUUGHqJhiK6FlzgiF7zKk...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOZrEoZivwZpWDyE9YqpuV4&google_cver=1&google_push=AXcoOmSKFgHtDH_-igINyM14UAASSYDp6iTTQPGyMJs6vIgsZwcHzZm1OsncUUGHqJhiK6Flzgi...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxODM0NzkxODgxMTY3NzM2NQ&google_push=AXcoOmSKFgHtDH_-igINyM14UAASSYDp6iTTQPGyMJs6vIgsZwcHzZm1OsncUUGHqJhiK6FlzgiF7z...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxODM0NzkxODgxMTY3NzM2NQ&google_push=AXcoOmSKFgHtDH_-igINyM14UAASSYDp6iTTQPGyMJs6vIgsZwcHzZm1OsncUUGHqJhiK6FlzgiF7zKkn-1LGsvoS4FO_ZSf9a8_j44

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTIxODM0NzkxODgxMTY3NzM2NQ&google_push=AXcoOmSKFgHtDH_-igINyM14UAASSYDp6iTTQPGyMJs6vIgsZwcHzZm1OsncUUGHqJhiK6FlzgiF7zKkn-1LGsvoS4FO_ZSf9a8_j44
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame D681 42 B
204 B 88ms
41ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEIq9RqAbKWzTPajerEqhMKM&google_cver=1&google_push=AXcoOmSOCBRE_64saqyZMf96-ZXLOeLKMk0srDwAegB0k22piHzQz5hFuJG2zdaxkASRD3DlcUMWtKJxdCMkmfw2G76R78zhPjiBUw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=1403818051&adf=3784560394&pi=t.aa~a.508635323~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=363x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain

https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESENpscrN79pYtRXVYzN7FaLE&google_cver=1&google_push=AXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8XuRpitaUErqYQfPVKPeqW341eKEOVf...
https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESENpscrN79pYtRXVYzN7FaLE%26google_cver%3D1%26google_push%3DAXcoOmQvbNQWVYYLqumQEc...
https://rtb2-useast.e-volution.ai/sync?adkuid=A5513383713192395317&exchange=193&google_gid=CAESENpscrN79pYtRXVYzN7FaLE&google_cver=1&google_push=AXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8Xu...
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU1MTMzODM3MTMxOTIzOTUzMTc&google_push=AXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8XuRpitaUErqYQfPVKPeqW341eKEOV...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU1MTMzODM3MTMxOTIzOTUzMTc&google_push=AXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8XuRpitaUErqYQfPVKPeqW341eKEOVfS5HABmi0Q0ReSJVtsIekImW4

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU1MTMzODM3MTMxOTIzOTUzMTc&google_push=AXcoOmQvbNQWVYYLqumQEcz8JhULs8OIVCwK6IYR_DWvdC-k-8XuRpitaUErqYQfPVKPeqW341eKEOVfS5HABmi0Q0ReSJVtsIekImW4
Date: Tue, 26 Dec 2023 07:05:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDBzw_L-4IWhyxs74cdfpF4&google_cver=1&google_push=AXcoOmQv2Rt2A020ydyPNtNCHKvjU1qx0_lk-xK3ORp6NQHwIA-v3vUzOtowPkC70irDhtlHJ5EWgfij6fjxuGLaKL_ydIG...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQv2Rt2A020ydyPNtNCHKvjU1qx0_lk-xK3ORp6NQHwIA-v3vUzOtowPkC70irDhtlHJ5EWgfij6fjxuGLaKL_ydIGGkY9XLHqK&google_hm=MTI3NDE...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQv2Rt2A020ydyPNtNCHKvjU1qx0_lk-xK3ORp6NQHwIA-v3vUzOtowPkC70irDhtlHJ5EWgfij6fjxuGLaKL_ydIGGkY9XLHqK&google_hm=MTI3NDE1MTcxNDY2MTY3MzQzMw==

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQv2Rt2A020ydyPNtNCHKvjU1qx0_lk-xK3ORp6NQHwIA-v3vUzOtowPkC70irDhtlHJ5EWgfij6fjxuGLaKL_ydIGGkY9XLHqK&google_hm=MTI3NDE1MTcxNDY2MTY3MzQzMw==
Date: Tue, 26 Dec 2023 07:05:02 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D681 0
12 B 31ms
30ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LeDEkZBGaeflHQjbSdSibH27GDvA3kiLEZzcHDpJWkYX-5qP3cm1dqOPEOkT-ST0d5jWCrdx0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 27C3 115 KB
13 KB 37ms
37ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jfes3zj08e34e8seenyed041y90j7ds1kzcdsn320gabjjmerqq742ydtg7jvkwtehmd6q51pexd8cgp3dta1ax6c98k6ggvgmwnfznjecw281qgt9sktd4hqa808z4zm75pcvnk23ncrqwg689rzandn38agg7q1vdvnv6e1s788dty839we4bg4mcpbqwqhpgvnkvj4c1sgqd622182h55rcfvewhfpvdp5htt69j7w89yhsy2znyqec6z72kajvrftrb0nvj4hbzmjjhbh97k6n815c35w5r90n6p4qhmshcgz1n1t4mekp99k438k7n8yc692nd0wewerh5desfcmqff884tn72km27p9069qagd74kp4hx6bxk0bz62vms6rqzw0jtd5r30tp8ckqh4wq6v1888dhjcapms8v21ndqj568904b0hsq63m31d2crsc62g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%26client%3Dca-pub-4525684120003226%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1379920
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIfIOQKUtGIoXJuo16gky3TwSBKXFvxwtPHo4WttVSFnn68G5%2BueK7cKYzqiaCwPbLQSimFLUr8RTZty7wx%2BexpJAwNZjTfHQNfwjCxf1mO9zz5AFK3ZN6h%2F5IRrNtQuNa6sVMILnI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b7791c0e773614-FRA
expires: Wed, 27 Dec 2023 07:05:02 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 27C3 24 KB
9 KB 58ms
41ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jfes3zj08e34e8seenyed041y90j7ds1kzcdsn320gabjjmerqq742ydtg7jvkwtehmd6q51pexd8cgp3dta1ax6c98k6ggvgmwnfznjecw281qgt9sktd4hqa808z4zm75pcvnk23ncrqwg689rzandn38agg7q1vdvnv6e1s788dty839we4bg4mcpbqwqhpgvnkvj4c1sgqd622182h55rcfvewhfpvdp5htt69j7w89yhsy2znyqec6z72kajvrftrb0nvj4hbzmjjhbh97k6n815c35w5r90n6p4qhmshcgz1n1t4mekp99k438k7n8yc692nd0wewerh5desfcmqff884tn72km27p9069qagd74kp4hx6bxk0bz62vms6rqzw0jtd5r30tp8ckqh4wq6v1888dhjcapms8v21ndqj568904b0hsq63m31d2crsc62g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%26client%3Dca-pub-4525684120003226%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 451487
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iU5%2BGgZ0piHu9%2BBzTIg0%2Bp7KwEGi8ekqx5wi4vxr7Rn9dF13x8qaheJx3qPhU0ps4Jls2AMFj%2FxvMZHWRqAuo9sLv6%2BSg7rgTeyxa7W5tn9XOWeUzR3%2FWnkWpiOd91%2F7D3fD3OE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b7791c2e9e3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Dec 2023 09:17:07 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 7C15 115 KB
14 KB 33ms
33ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1khbc6085qxqbyvwghymzsnypth0t07c1n6qqtyvrdd632acmfej4dk060c6584bskfyzq59y7z7epetbne0rs27wke4q3cqnxqtyy63fk1jtbc27czntrnfrdfw5qp3ec1v2ta75q4n7k9xen6s9614qn97m1vj5xyky068v6e4w5jwv3p9aesbd6fwreav5kwb2k4tsta93zzg3n8br2j2kkd9jhnv3pwpp01zabheqemv5azq6t6p6rd1c049a02by572djekkjzc9x1apffh4ewzc107gdzwxch8gr7nef73qvvgs6mss3w8panwfgh84yv4zk5zd61w3f5gxemc0ax3vktanz6a2hky44w5aky0km9a37vt0gdw9531cpe4nka5ay6vh45tqp68ck5w4j3m8rzgrk4ndxj4fygssmg1snfk2hqk0bmtbaa41h8rt9eftr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%26client%3Dca-pub-4525684120003226%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1379920
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSgSJ1Qwd6rk3Tf1eBWyibJj5K9Bzkox1mBBzf73Gacn3shCJGsqxrUmaRpXka66EyPKmruDPw01AHNXZQdIR2i2iwHCseRFeMqpQG7Z7H3gvn9uFb%2FSoEAYvilWNy8K0oQ%2Fa0Dn0Ec%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b7791c0e7b3614-FRA
expires: Wed, 27 Dec 2023 07:05:02 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 7C15 24 KB
9 KB 47ms
32ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1khbc6085qxqbyvwghymzsnypth0t07c1n6qqtyvrdd632acmfej4dk060c6584bskfyzq59y7z7epetbne0rs27wke4q3cqnxqtyy63fk1jtbc27czntrnfrdfw5qp3ec1v2ta75q4n7k9xen6s9614qn97m1vj5xyky068v6e4w5jwv3p9aesbd6fwreav5kwb2k4tsta93zzg3n8br2j2kkd9jhnv3pwpp01zabheqemv5azq6t6p6rd1c049a02by572djekkjzc9x1apffh4ewzc107gdzwxch8gr7nef73qvvgs6mss3w8panwfgh84yv4zk5zd61w3f5gxemc0ax3vktanz6a2hky44w5aky0km9a37vt0gdw9531cpe4nka5ay6vh45tqp68ck5w4j3m8rzgrk4ndxj4fygssmg1snfk2hqk0bmtbaa41h8rt9eftr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%26client%3Dca-pub-4525684120003226%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 451487
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vNKbyHEE%2FzvH7R0Qs067V4mBFwJC84Ps%2Bp7mtI1f9wpQVsx2CzshJ3jedatgHzLxNkLZSVAExM6dcdhVJ%2Fc6oOBEw6ZFsk2UqwQMIod%2BrYnNSE83HzqlL%2FSrVb6GujhtsmLK1GI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b7791c2e9a3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Dec 2023 09:17:07 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4E28
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOUt39Olqt5ba3NR3VQ0Rds&google_cver=1&google_push=AXcoOmQz41eiEAqQCNyFDHAGyhe4ZWH0a2E-SO2Q2JDGFrzobcZjQ7srWUwe4iDptMbkNMAOX5eFAXiFxDYtvYIoQKZ-etYlFxaVLM3f
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDQwMzk0NTI4ODMxMzU4MzkxNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKvXpO9HmuAykr7744gT6Vo&google_cver=1

43 B
398 B

96ms
31ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKvXpO9HmuAykr7744gT6Vo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=3303847354&adf=1582290432&pi=t.aa~a.1227727605~rp.4&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280&nras=3&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=101
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKvXpO9HmuAykr7744gT6Vo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E28
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOY2KP09KrJPnCUoleg3ND4&google_cver=1&google_push=AXcoOmTB_UHbE7DWFxdMSQXXP9gDprl0gmzhO-fBlkMDtqVSi18ImXj...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=101bb70cbc1915b6&is_secure=true&networkId=14000&version=1&google_gid=CAESEOY2KP09KrJPnCUoleg3ND4&google_cver=1&google_push=AXcoOmTB_UHb...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIBSOwfVV8-ANftjcLAAAAAAA&expiration=1703660702&google_cver=1&is_secure=true&google_gid=CAESEOY2KP09KrJPnCUoleg3N...

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIBSOwfVV8-ANftjcLAAAAAAA&expiration=1703660702&google_cver=1&is_secure=true&google_gid=CAESEOY2KP09KrJPnCUoleg3ND4&google_push=AXcoOmTB_UHbE7DWFxdMSQXXP9gDprl0gmzhO-fBlkMDtqVSi18ImXjZgoNbNQh9K-UhK-y8cnWM8pJuvhTMoNtFayhByQYAnZswktyB

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAIBSOwfVV8-ANftjcLAAAAAAA&expiration=1703660702&google_cver=1&is_secure=true&google_gid=CAESEOY2KP09KrJPnCUoleg3ND4&google_push=AXcoOmTB_UHbE7DWFxdMSQXXP9gDprl0gmzhO-fBlkMDtqVSi18ImXjZgoNbNQh9K-UhK-y8cnWM8pJuvhTMoNtFayhByQYAnZswktyB
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 4E28
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENZnxB9Fnl7_pfsznAQarCA&google_cver=1&google_push=AXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUg...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENZnxB9Fnl7_pfsznAQarCA&google_cver=1&google_push=AXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nr...

43 B
417 B

174ms
172ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENZnxB9Fnl7_pfsznAQarCA&google_cver=1&google_push=AXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUgS25&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUgS25%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=3303847354&adf=1582290432&pi=t.aa~a.1227727605~rp.4&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280&nras=3&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=101
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83b7791d9f7365cd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 17
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENZnxB9Fnl7_pfsznAQarCA&google_cver=1&google_push=AXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUgS25&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRs_baQ9hvElTI0wD0s_ldHDS8im-WfqscCh1FRc6CWUxwFhC9dm-E2dLlL_4lW427rpCMlaO12wNDeannFifZERI7J5nrUgS25%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83b7791c6dae65cd-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E28
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEAfjJM29zdWKWyuK70syXMY&google_cver=1&google_push=AXcoOmTKNM7w62QNtS-nTO66NUu08w3AHH54U4bB0GrqvHAurezPWat8W_wYgjRf-RGNLjieBhLsvolLlTQ...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTKNM7w62QNtS-nTO66NUu08w3AHH54U4bB0GrqvHAurezPWat8W_wYgjRf-RGNLjieBhLsvolLlTQJ3C_ax_de6MdpJ37ZCgy-&google_hm=foyHsditQPelcdw3...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTKNM7w62QNtS-nTO66NUu08w3AHH54U4bB0GrqvHAurezPWat8W_wYgjRf-RGNLjieBhLsvolLlTQJ3C_ax_de6MdpJ37ZCgy-&google_hm=foyHsditQPelcdw3cl7OflY

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:01 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTKNM7w62QNtS-nTO66NUu08w3AHH54U4bB0GrqvHAurezPWat8W_wYgjRf-RGNLjieBhLsvolLlTQJ3C_ax_de6MdpJ37ZCgy-&google_hm=foyHsditQPelcdw3cl7OflY
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E28
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENQlv-NRUEdNnZMhhKVl4f0&google_cver=1&google_push=AXcoOmRhP4jgs8G2Kahmnxj4XMv6qWF-jir-kfD78fhRO6o2N7tUSjXd3j0luevHZQsGnhCt1Mu5tSojW1EtW63k...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=D-LGv9OTTAUKezx0cvV2Cw&google_push=AXcoOmRhP4jgs8G2Kahmnxj4XMv6qWF-jir-kfD78fhRO6o2N7tUSjXd3j0luevHZQsGnhCt1Mu5tSojW1EtW63kOH6K6OTrwiqkM1o

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=D-LGv9OTTAUKezx0cvV2Cw&google_push=AXcoOmRhP4jgs8G2Kahmnxj4XMv6qWF-jir-kfD78fhRO6o2N7tUSjXd3j0luevHZQsGnhCt1Mu5tSojW1EtW63kOH6K6OTrwiqkM1o

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=D-LGv9OTTAUKezx0cvV2Cw&google_push=AXcoOmRhP4jgs8G2Kahmnxj4XMv6qWF-jir-kfD78fhRO6o2N7tUSjXd3j0luevHZQsGnhCt1Mu5tSojW1EtW63kOH6K6OTrwiqkM1o
x-host: tde-deliveryengine-production-59dc4ccdb-qdnb4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E28
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEI_QwPvc_MFfT64YiGsiaOA&google_cver=1&google_push=AXcoOmSAKHg5kNHePw8DfcGXpvjZpUEcCa2C4Su8sPEe21AGgBfSRBqy7PS-1s7vUgD15KaWOjwumDIfT1_HCgR6F4bS58k...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSAKHg5kNHePw8DfcGXpvjZpUEcCa2C4Su8sPEe21AGgBfSRBqy7PS-1s7vUgD15KaWOjwumDIfT1_HCgR6F4bS58kYoElIMcKh&google_hm=eS1EcmJNbEo5RTJwRl...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSAKHg5kNHePw8DfcGXpvjZpUEcCa2C4Su8sPEe21AGgBfSRBqy7PS-1s7vUgD15KaWOjwumDIfT1_HCgR6F4bS58kYoElIMcKh&google_hm=eS1EcmJNbEo5RTJwRl9VRjRNVm9XTHYua2lXSDRLV3BGUn5B

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 26 Dec 2023 07:05:02 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSAKHg5kNHePw8DfcGXpvjZpUEcCa2C4Su8sPEe21AGgBfSRBqy7PS-1s7vUgD15KaWOjwumDIfT1_HCgR6F4bS58kYoElIMcKh&google_hm=eS1EcmJNbEo5RTJwRl9VRjRNVm9XTHYua2lXSDRLV3BGUn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4E28
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEIwi0K8A6RJifYgCMPGJv14&google_cver=1&google_push=AXcoOmSIfF4dk9M2x4DjTaTAErPMETcIz0iY47FInEB-_EXwdyU9_wcZqDQ8zMznP1MY8PZcl_CYR7a8gh_8NluwPyAPqTw...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEIwi0K8A6RJifYgCMPGJv14&google_cver=1&google_push=AXcoOmSIfF4dk9M2x4DjTaTAErPMETcIz0iY47FInEB-_EXwdyU9_wcZqDQ8zMznP1MY8PZcl_CYR7a8gh_8NluwPyAPq...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSIfF4dk9M2x4DjTaTAErPMETcIz0iY47FInEB-_EXwdyU9_wcZqDQ8zMznP1MY8PZcl_CYR7a8gh_8NluwPyAPqTwWhDXLzU8

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSIfF4dk9M2x4DjTaTAErPMETcIz0iY47FInEB-_EXwdyU9_wcZqDQ8zMznP1MY8PZcl_CYR7a8gh_8NluwPyAPqTwWhDXLzU8

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmSIfF4dk9M2x4DjTaTAErPMETcIz0iY47FInEB-_EXwdyU9_wcZqDQ8zMznP1MY8PZcl_CYR7a8gh_8NluwPyAPqTwWhDXLzU8
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4E28 0
12 B 34ms
33ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0wJlviXMf2lWNtKC8IQXKwUDyY0R5USaGk1XiIRPV0gnWNJHsMoxCwJb3j4pEsSDXegBQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame CC0E 115 KB
13 KB 36ms
26ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jc0ngz3as7czqwbh3vdamdaewqy7a0j18tn7yw44dpsrtr8b2zb1snye9h2582g3emgxx0das00spr7a0yekq010yzjxq1bbrjbfdyfyb1dmr17q2t7712j1rgambpnfxx37sarkx8x7z1zmfjrrrx988mbz6hq7fv8v5angzzch9k6wsmnv9vrmfb0gaay55e8txc2k7350pwje03m20jt4b81dzepa75fj1cfd8q6yrhzxvw6n6jtpsdwjsk5fy0k89622b80gf1t36cq2qdb8be76kee6m1d6qctyx3fbxmafsys3j3dvb2k6zhnref8awx0kr9pntej37pprk19nem1j08hjev5fh8a2hntdzeqgpkdctswpsfebt6am4j530g715r5607py271d4n5byx74ms5h25wz40y14mzedzmdxj69yme98r9w45n8tec68cfyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%26client%3Dca-pub-4525684120003226%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1379920
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auVvUeVVKbWfz1Rf9Vt%2FcvE1hE3u%2FS3gseW29iKrdwqod0zGw9HcpUVuXL2mvMFQTDeIvJ9Je2R%2FPUKJTtMiHKsT7oaTohtj2ySNUgoQRyyxPAq4YEpJlNPlgoUOsuRah3A8oBXZmUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b7791c1e873614-FRA
expires: Wed, 27 Dec 2023 07:05:02 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame CC0E 24 KB
10 KB 42ms
30ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1jc0ngz3as7czqwbh3vdamdaewqy7a0j18tn7yw44dpsrtr8b2zb1snye9h2582g3emgxx0das00spr7a0yekq010yzjxq1bbrjbfdyfyb1dmr17q2t7712j1rgambpnfxx37sarkx8x7z1zmfjrrrx988mbz6hq7fv8v5angzzch9k6wsmnv9vrmfb0gaay55e8txc2k7350pwje03m20jt4b81dzepa75fj1cfd8q6yrhzxvw6n6jtpsdwjsk5fy0k89622b80gf1t36cq2qdb8be76kee6m1d6qctyx3fbxmafsys3j3dvb2k6zhnref8awx0kr9pntej37pprk19nem1j08hjev5fh8a2hntdzeqgpkdctswpsfebt6am4j530g715r5607py271d4n5byx74ms5h25wz40y14mzedzmdxj69yme98r9w45n8tec68cfyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%26client%3Dca-pub-4525684120003226%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 451487
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bClgFF58r0GjN0%2BuybyfvYaHv2MQWLpHtbAITXFI%2B7hLAiYxkKI82N9zKSpAfiWqLvK2q6QWPzW2VGiqugh%2BXjYq1ZNf14tt%2B5XuBulqm%2BSjgZ1z1pvKsNsMgNntIEM4OMepecg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b7791c2e9c3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Dec 2023 09:17:07 GMT

GET
DATA 200
OK truncated
/ Frame A7DA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54ca47ee4ad055d2ae39dbeb64e7c42a1afac5b5983bf10e9938c85dcb8025e2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C901
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBERBkKURYC2XSIhUjjCFLY&google_cver=1&google_push=AXcoOmROF-qoLuArl4O05TXY1cMhs5Y6zs7Vmxr7d3diqrSvVYKrHJB...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=27634bfc96b185a&is_secure=true&networkId=14000&version=1&google_gid=CAESEBERBkKURYC2XSIhUjjCFLY&google_cver=1&google_push=AXcoOmROF-qoL...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHtp_bSrKqzQM_AhNKAAAAAAA&expiration=1703660702&google_cver=1&is_secure=true&google_gid=CAESEBERBkKURYC2XSIhUjjCF...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHtp_bSrKqzQM_AhNKAAAAAAA&expiration=1703660702&google_cver=1&is_secure=true&google_gid=CAESEBERBkKURYC2XSIhUjjCFLY&google_push=AXcoOmROF-qoLuArl4O05TXY1cMhs5Y6zs7Vmxr7d3diqrSvVYKrHJB1nIMR1swwDWY0J6Vs9NKIAx0KN1i6TSNvu_4V8enkca7hIA

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHtp_bSrKqzQM_AhNKAAAAAAA&expiration=1703660702&google_cver=1&is_secure=true&google_gid=CAESEBERBkKURYC2XSIhUjjCFLY&google_push=AXcoOmROF-qoLuArl4O05TXY1cMhs5Y6zs7Vmxr7d3diqrSvVYKrHJB1nIMR1swwDWY0J6Vs9NKIAx0KN1i6TSNvu_4V8enkca7hIA
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C901 42 B
94 B 79ms
42ms Image
image/gif 34.160.236.64
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIL-mRz7wwDAHqcTp4kNDzg&google_push=AXcoOmTfuEUX1X5G4IqIHUtph4t5ePcJQTpsQAZqJN0lV2p9Hh-Eoo4AjGre0o6hka0wRI3qF3VSWroCkJdGrJ3Hm-KZrVGC4l-Vkic&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=2492854786&adf=113491572&pi=t.aa~a.4074808907~rp.1&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280%2C321x250&nras=6&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 64.236.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C901
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESECSg-PRl7XXVfWhkJw10iPo&c_param1=AXcoOmRviizOGrblUNTkg_xC3JyE8NzUKP_JknDKWcLpiYrfEs8BOSnEB1c9KxCsWkgsGj6adAPTs0eoC5NkqEt8ic5cLO9DwOqhmVE&gdpr=%%GDPR...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRviizOGrblUNTkg_xC3JyE8NzUKP_JknDKWcLpiYrfEs8BOSnEB1c9KxCsWkgsGj6adAPTs0eoC5NkqEt8ic5cLO9DwOqhmVE

170 B
188 B

35ms
35ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRviizOGrblUNTkg_xC3JyE8NzUKP_JknDKWcLpiYrfEs8BOSnEB1c9KxCsWkgsGj6adAPTs0eoC5NkqEt8ic5cLO9DwOqhmVE

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRviizOGrblUNTkg_xC3JyE8NzUKP_JknDKWcLpiYrfEs8BOSnEB1c9KxCsWkgsGj6adAPTs0eoC5NkqEt8ic5cLO9DwOqhmVE
date: Tue, 26 Dec 2023 07:05:02 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C901
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJ_At6h-rlp5VZ0Rx3stmfM&google_cver=1&google_push=AXcoOmQYVFnfooHb9oFGEieDCWAlwHjdgxsn1PONcMOk_1zYoNg8derg9nLIdHW_qNQp6LXfFganpU_Puw9meVA...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=hyPmtSl3USlcCUjwoPcKO5VYG1Y&google_push=AXcoOmQYVFnfooHb9oFGEieDCWAlwHjdgxsn1PONcMOk_1zYoNg8derg9nLIdHW_qNQp6LXfFganpU_Puw9meV...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=hyPmtSl3USlcCUjwoPcKO5VYG1Y&google_push=AXcoOmQYVFnfooHb9oFGEieDCWAlwHjdgxsn1PONcMOk_1zYoNg8derg9nLIdHW_qNQp6LXfFganpU_Puw9meVAxqowf6EWDpvTkzzY

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=hyPmtSl3USlcCUjwoPcKO5VYG1Y&google_push=AXcoOmQYVFnfooHb9oFGEieDCWAlwHjdgxsn1PONcMOk_1zYoNg8derg9nLIdHW_qNQp6LXfFganpU_Puw9meVAxqowf6EWDpvTkzzY
Date: Tue, 26 Dec 2023 07:05:02 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C901
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPVP4HmGzTgpAIGAN7nqFs8&google_cver=1&google_push=AXcoOmQH2n4YbiZre5B3CTpbnOzpyuKqbkhL2r8aW0m_Ibdhg77ON7qRK420kXg95l72s8GNuXzu6UfM1pQB...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQH2n4YbiZre5B3CTpbnOzpyuKqbkhL2r8aW0m_Ibdhg77ON7qRK420kXg95l72s8GNuXzu6UfM1pQBGvTMSA59Ry4-hwBXp3w

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQH2n4YbiZre5B3CTpbnOzpyuKqbkhL2r8aW0m_Ibdhg77ON7qRK420kXg95l72s8GNuXzu6UfM1pQBGvTMSA59Ry4-hwBXp3w

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQH2n4YbiZre5B3CTpbnOzpyuKqbkhL2r8aW0m_Ibdhg77ON7qRK420kXg95l72s8GNuXzu6UfM1pQBGvTMSA59Ry4-hwBXp3w
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C901
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEInyuGHKLvcQvC2H1s3w-yM&google_cver=1&google_push=AXcoOmTZHBTSdzzGbkKrS-Cb7FyB0ZLTnikhLnQZDHQYLkwBdNReUQ8hjvfSYVtyrbofP5JNi4xaEdFjxrAqFT_Pp56Cvng...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTZHBTSdzzGbkKrS-Cb7FyB0ZLTnikhLnQZDHQYLkwBdNReUQ8hjvfSYVtyrbofP5JNi4xaEdFjxrAqFT_Pp56CvngrLsp1euM2&google_hm=MzYyMjI...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTZHBTSdzzGbkKrS-Cb7FyB0ZLTnikhLnQZDHQYLkwBdNReUQ8hjvfSYVtyrbofP5JNi4xaEdFjxrAqFT_Pp56CvngrLsp1euM2&google_hm=MzYyMjIzODI1NjEyNDk3MTEyNw==

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmTZHBTSdzzGbkKrS-Cb7FyB0ZLTnikhLnQZDHQYLkwBdNReUQ8hjvfSYVtyrbofP5JNi4xaEdFjxrAqFT_Pp56CvngrLsp1euM2&google_hm=MzYyMjIzODI1NjEyNDk3MTEyNw==
Date: Tue, 26 Dec 2023 07:05:02 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

dot.gif
s0.2mdn.net/ Frame C901
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEO0mI8EalXuLnjmPFb4I4S8&google_cver=1&google_push=AXcoOmR8krz-t20fu_sySdDqyr1MDfpIx1ynzTl5HgmBjLXDw7teTcYzAh1-BPDQk9CHsJTj_2EIn72YtQNmWjDD6o6B...
https://sync.gonet-ads.com/match/google?google_gid=CAESEO0mI8EalXuLnjmPFb4I4S8&google_cver=1&google_push=AXcoOmR8krz-t20fu_sySdDqyr1MDfpIx1ynzTl5HgmBjLXDw7teTcYzAh1-BPDQk9CHsJTj_2EIn72YtQNmWjDD6o6B...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmQ2Y2U1N2EwYzYxYWE0Mg&google_push=AXcoOmR8krz-t20fu_sySdDqyr1MDfpIx1ynzTl5HgmBjLXDw7teTcYzAh1-BPDQk9CHsJTj_2EIn72YtQNmWjDD6o6BYtm...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=NmQ2Y2U1N2EwYzYxYWE0Mg&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
73 B

23ms
23ms

Image
image/gif

2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Requested by

Protocol

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 19:43:08 GMT
x-content-type-options: nosniff
age: 40914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 19:43:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C901 0
12 B 34ms
31ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-oZGxsPQpS-vm2yrLRbBNDbNCfqtUrHuBmyo2qdvz_q3XOKVkCob4EHtMZvh9od50BXyFtxU

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 32C9 115 KB
13 KB 44ms
38ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gjdpfkd8nhgsgygpp1t0gsacyjt6hyafpmbrgngq1mdb191bnatg8bew0v5rdzpv3cpxpzww8kg6nh10zvh2t01w8vy7b2n65bnan4t9j292m4zq3qy1ytqyecm6sy5cx6cmzvedw4r3n7frbjwr0htw6pnew5cem2xefv9vxdknx1f1y4nyaxcxcrndmj3jrs9v98hwh8ys9qj43njasdq5ykd1vgmm147s3740akbm4pa08cmter508v8s733sw02ckmpazeykj66r7szae7nxdfjftsnd0d5b2wd4w58mpbczeyrb3dd07g7hy8x46xecw97v6x3ggdx1ep8nk11nqqytqfw04qgdmaw5xfxya9ft9x1gzamcybaww97eqrfyyenfhkxbv48s6dege7x8je2mgs9n62cqzeawje2abetyr3yhfepe7asd95zfg345hzp7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%26client%3Dca-pub-4525684120003226%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1379920
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BHXZV4AztRnoB0OEC4Kx3O4KR79PX8p5a5pC5pwd%2B6YwHrTI95UpJWNO9RDV33T54MrF1b9BrRdzXROeuVW02O2xFGel2w5ZXNdpMJIimlIjZKYdzPWQ7dU8NFtXtgEQFvQDakBtrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b7791c2e923614-FRA
expires: Wed, 27 Dec 2023 07:05:02 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 32C9 24 KB
9 KB 40ms
33ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gjdpfkd8nhgsgygpp1t0gsacyjt6hyafpmbrgngq1mdb191bnatg8bew0v5rdzpv3cpxpzww8kg6nh10zvh2t01w8vy7b2n65bnan4t9j292m4zq3qy1ytqyecm6sy5cx6cmzvedw4r3n7frbjwr0htw6pnew5cem2xefv9vxdknx1f1y4nyaxcxcrndmj3jrs9v98hwh8ys9qj43njasdq5ykd1vgmm147s3740akbm4pa08cmter508v8s733sw02ckmpazeykj66r7szae7nxdfjftsnd0d5b2wd4w58mpbczeyrb3dd07g7hy8x46xecw97v6x3ggdx1ep8nk11nqqytqfw04qgdmaw5xfxya9ft9x1gzamcybaww97eqrfyyenfhkxbv48s6dege7x8je2mgs9n62cqzeawje2abetyr3yhfepe7asd95zfg345hzp7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%26client%3Dca-pub-4525684120003226%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 451487
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXBGSDS1bjnltUJ%2Bdh0pl0mCNEfJZ%2BDMQ79ZZ9cEVN67l%2BBzO1j0vyyqpTr5VRnEUtpiP28H3Xu6bXbYrnQgLTA8beymH2Ia9nayIgxK1MvoSJrDwusX1HZiPpFg0sKCTOFPF54%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 83b7791c2e9d3614-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 20 Dec 2023 09:17:07 GMT

GET
DATA 200
OK truncated
/ Frame 9E1A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 72f454f3dcc5ccd7098ac0b05d1fe8e742ee14a2c709c7149919c952594e0590

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CD4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHuttdUOrIfvh22ICGwUL1A&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEHuttdUOrIfvh22ICGwUL1A&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWtMVUM4R1kxUmkxdVM1&google_gid=CAESEHuttdUOrIfvh22ICGwUL1A&google_cver=1&google_push=AXcoOmQDfCV5tmZSSywbPgzfknrpI2vk6jJnGw1eF3RWqGR...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWtMVUM4R1kxUmkxdVM1&google_gid=CAESEHuttdUOrIfvh22ICGwUL1A&google_cver=1&google_push=AXcoOmQDfCV5tmZSSywbPgzfknrpI2vk6jJnGw1eF3RWqGR2CvuNJgNi-A4LbNDmOJL-QY9pL_5oRAdE5xOG0sR5KfktBFla3b_0I0g

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 07:05:01 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=eWtMVUM4R1kxUmkxdVM1&google_gid=CAESEHuttdUOrIfvh22ICGwUL1A&google_cver=1&google_push=AXcoOmQDfCV5tmZSSywbPgzfknrpI2vk6jJnGw1eF3RWqGR2CvuNJgNi-A4LbNDmOJL-QY9pL_5oRAdE5xOG0sR5KfktBFla3b_0I0g
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 8CD4 70 B
149 B 154ms
47ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEImCZGMi7nR5A_1aTnxf8uM&google_cver=1&google_push=AXcoOmQURUdrfxBqKEV-rXK6THnA04KIQRKR94oxsOajjMRaqN4_ueqd4cjQt_ghKRCMTmu7hWNHRx_-hsTZIdkfwFcOLAexLDL83dA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=280808517&adf=501350246&pi=t.aa~a.3437311115~rp.3&w=384&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=384x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280&nras=4&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=615&ady=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=111
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CD4
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEP0Jac2mPKqH_pee_eZj1oI&google_cver=1&google_push=AXcoOmRSvA6CELfiWp6UWEemY91SYKZ-VHiD-sSSU9FpDbCpF5IQzrpb4bczQvL8R_8gQhtG0LfeiO7...
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEP0Jac2mPKqH_pee_eZj1oI&google_cver=1&google_push=AXcoOmRSvA6CELfiWp6UWEemY91SYKZ-VHiD-sSSU9FpDbCpF5IQzrpb4bczQvL8R_8gQ...
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=3i6wdpf8R_2k01xwwtNSw2WKex4

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=3i6wdpf8R_2k01xwwtNSw2WKex4

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=3i6wdpf8R_2k01xwwtNSw2WKex4
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CD4
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESECR7D8MkfGLlq0MTQUlDbvk&google_cver=1&google_push=AXcoOmRit2Fefbo-QG5BAuPHFdr5_9UmgsS28iaVJ2YwJO5_XVSSljctiKN--SXropMLbk623P8k2DvKZeuDiWabLr9wHMO4p...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=869334896357&us_privacy=1---

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=869334896357&us_privacy=1---

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=869334896357&us_privacy=1---
content-length: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 8CD4 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CD4
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEBRvIJ7Dl3bOe7zDYn4n8AM&google_cver=1&google_push=AXcoOmQwNRz-mq0fMicEo8MGZHaDEEum8dFXhMvV4MwnnSTlR018f2OY2fcUYbBRmUXDEra8W93OizuN_ZoZZzXjmrO2UUY...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQwNRz-mq0fMicEo8MGZHaDEEum8dFXhMvV4MwnnSTlR018f2OY2fcUYbBRmUXDEra8W93OizuN_ZoZZzXjmrO2UUYibGJqqiVk&google_hm=MzUzMjU...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQwNRz-mq0fMicEo8MGZHaDEEum8dFXhMvV4MwnnSTlR018f2OY2fcUYbBRmUXDEra8W93OizuN_ZoZZzXjmrO2UUYibGJqqiVk&google_hm=MzUzMjUwNTc0NTU2NTcyNTMzOQ==

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmQwNRz-mq0fMicEo8MGZHaDEEum8dFXhMvV4MwnnSTlR018f2OY2fcUYbBRmUXDEra8W93OizuN_ZoZZzXjmrO2UUYibGJqqiVk&google_hm=MzUzMjUwNTc0NTU2NTcyNTMzOQ==
Date: Tue, 26 Dec 2023 07:05:02 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8CD4
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmQAib2F8AQbsXVe8dKOIuUMP7QLiqTA8AVZxEl3mOUvpLR5Q5el43cKCit5vzgdATZIdi4yEYmXf3zzklnwBXo9cZXTwY57RD8&google_gid=CAESEEafCHPNx4...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEafCHPNx47rh45ugShpNQ4&google_hm=T1BVYTJkNDY3ZjU1ZWQ1NGI1YWE2Njk0NzM2YjAwNmRkNTQ&google_nid=opera_norway_as&google_push=AXcoOmQAib2F...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEafCHPNx47rh45ugShpNQ4&google_hm=T1BVYTJkNDY3ZjU1ZWQ1NGI1YWE2Njk0NzM2YjAwNmRkNTQ&google_nid=opera_norway_as&google_push=AXcoOmQAib2F8AQbsXVe8dKOIuUMP7QLiqTA8AVZxEl3mOUvpLR5Q5el43cKCit5vzgdATZIdi4yEYmXf3zzklnwBXo9cZXTwY57RD8

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEEafCHPNx47rh45ugShpNQ4&google_hm=T1BVYTJkNDY3ZjU1ZWQ1NGI1YWE2Njk0NzM2YjAwNmRkNTQ&google_nid=opera_norway_as&google_push=AXcoOmQAib2F8AQbsXVe8dKOIuUMP7QLiqTA8AVZxEl3mOUvpLR5Q5el43cKCit5vzgdATZIdi4yEYmXf3zzklnwBXo9cZXTwY57RD8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 327
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8CD4 0
12 B 33ms
32ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJUbalCi4wQl23B8k2-HqjERAJVuoxlv8cwXvSAUCJ1LjgfmW9ZWxCqRnZBEYzCt4Y4hm6pUvJ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8512166502049628260/ Frame 4BBF 72 KB
20 KB 34ms
34ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8512166502049628260/index.html?e=69&leftOffset=0&topOffset=0&c=Qzh5vFBy6C&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e735fb7a473ff8cf5f99dc8f487e6c0f8d9c9916888e865d15c1910a882ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: Wed, 25 Dec 2024 07:05:02 GMT
last-modified: Wed, 25 Oct 2023 13:50:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9982 0
0 147ms
69ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupauqLfq7nclt5Lg3evQvROve5dlB2WduQvaTTTjp_nnMZuoIW1Yhc0wfjtPqG_4YYA3Qcyv7CAjQ_YT9rYu45renLJjMb_eBEFupY0_8OhkEXVPTac-anGJ3Tt-3pIubYYewYvdDrhyd30kbbKGvTTDsHZau1J4IBlixRCtObUKJ4WVNm8mtDTxCkVrwnOViL-HlLLx4a12UPdU7YvOOf87QUAdmHV5K-DBc3CaYjas7FtVF_OQ5_N0UJdtz8WBBZqXyee80pRdYPngk6xg3mBeynEBMAIQ2Fj3iUmVIsm-GwTxkBdBReAwZX1Nje8BfE2OxDZZwLQKq65xhI_IK3L98iwKFrx1ifISdWzryMxJtByxxIPiM38WpDRedxD0X36rb14nphlDZDOR6ixJR2earEpGHO1HKAyxzBYiAUclWYVO1hWnPTCakTldH41UjVSBFv2B4_2jxdTL0YQ2ugyDIcu6t3dlGzEXY8GcDm7T2rBgfbvb6ke1DFpDtQGyTLYkBmdH6bwAvQTLc6L50liTsX1nONehbhtTo5L9EShkgQeijiELolBYeehkll0VlKh2nrsI6LbLr2iucv66DFgsoYxoMcTa4GQxSiVIDBBAUYfNQbdVZiK33wsppX_PwPIrJhwzcN1D-z5GIcTtqKf9MsToPf243OFmx2qB6yHL07DYV7wNc7_Ndp46E5o05oKCcYwEkOxC9zBExEVYiGqEifXIykviab09CSVS_1agbWTe9bFMhFg8w_oxxWrot4tb82OTT2zuMQQb-7Z4sxnKYwqMd4HuBHIJT-9dtk8d5MmyBPWUsfg7WLtiFdzHBEnCy2PlrjFqfzgsZbtZAP2pQq0X7j_1btuUksCZZu5txPbdpKiah0DiTuRQFHZz-R-uxxr5OnBaRmJGSmgplD6rv6INI1DZ9e5AWgG9uOUflZX5fF4qSkZMz_pjFrfgzqG-pqKGfGMFdC9irLuE0tJWDtfE0ckUiIcjqZ5Xl5STnj93DXLmaXDi7jhaJnxMAqeA9I9huw3GpxS0lAEFPzztD4cjsnzm5ZMMAQjh4s_S4cvdtPuAyeo4O4MrXA0zLAs_lwKWRjc9pCvtN9SB6gCmVIieP_z7jvpowZkCo1sISTdfdL6JiwcnGHKIr5CtAE7qBDlMHR6vQEIi7eYBWm_P2TX9LqiAbnBzBo6VytCJjT-KBL_FFMThbuRCg0LNgUpDAxrF-_rUPasuN2P3Pip52ZN5h-i6BpHOXqc2NdOeqnHujk-7FJfyWAIQj48kSoo1UfldQkD7-13Cf3Mc0psbogHPPhMz9SE28E0pJrxD4tvXYPizvVDrSpOrB6s2A&sai=AMfl-YQdYRxQ4TfOwKvVsdoDdCnGWsVDswftZXdgrLo1IU8sZro9KvzWfif0nDRQ43oZzPe30tIQpUFEFiBn5nV4tuoDhGZ-9JXxRduE0uRhrxmslQDndgXuMLLz4SfpX2FCdF0Dk7u2pf4QHhD_iavGi6P0ucbVhSYbyiiB1c-HGeSuqobxxDNe_TgpnzWvQa3ZYrjsYmiPDTo2pkfHEo4jTnHqUwf-5kWg4jZ3YAG9vChRLWvclKZFOwU4iSfp6qkxdmDnpVVR58FXQYDqKEa6Xm9FUJrr7HiMQIJnjw&sig=Cg0ArKJSzKtEoHM8mLtjEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=97&cisv=r20231207.61884&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 202D 38 KB
13 KB 24ms
24ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
age: 597095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A414 38 KB
13 KB 23ms
23ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
age: 597095
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8512166502049628260/ Frame 4347 72 KB
20 KB 31ms
31ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8512166502049628260/index.html?e=69&leftOffset=0&topOffset=0&c=PqkQDIZN2x&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e735fb7a473ff8cf5f99dc8f487e6c0f8d9c9916888e865d15c1910a882ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: Wed, 25 Dec 2024 07:05:02 GMT
last-modified: Wed, 25 Oct 2023 13:50:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83E6 0
0 99ms
69ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgbwIEHpqQuFY0-xloNUTtX5K_SJX0eJl6AU3SeOFExKS-fXjdiBYLd-Of1bkOu-AlXPLgZQuSTCfWViqxF9SoEHsAlJDIoR_zwrVOCDryzXywSYDVrryy9DW4VR8brqWfCTWa_NjSakRLGtpo92ETSnjUkSitlBwUd8auz249NUdkvmlFgc5NR4WG3q2WzRxZ4igxuGlylnmkFfc-ZzlcQ7Ga2FjXXJ4M5TSZMxlHM0XnBgBw5YoF7lxpdBeF2VtOleqYRtXNofzPmRGsVr77xCKhDA5In8syDExVfwj4sWS09lbNdYkgmbVY74aBW4VPesijuAd9fuJFn2vkEIT6hXdGAqXqi5xBhTDFrjtiH8HGLpgJT3pMOGLTSiqW7J3qioUC_fXPQMmRq_g0kd3WdpIJ2XBcyap3cc3Wv_eUMs-TzmXShZlHGconFLeFhEp-mJDpvOzjFGkiceyUqrVImjtP3cUcZEwZfCrYs6GKQsNIA6YDZnuWHewccm6r3Epv83n5GZ87yEOWr1huvJuoCWqKxk5WfLR0Cly6fNJ7FK3I6mjQ12oEv2pqfgGfAwMkt66FhlYadeWA3zY-i032z49nmEcILVzBljEv4BXmqv14JppaRaoFSPil34ns6KxjutECIoX3tzCHMpZc9E3LZTmKPiALMOeDUJ9sLRj2OXlhNAd-_DIu37cHtacAO76-8SSCt7064oat8ceKZMCq13OPCBronSM-wpaeELfK19D5nvuQNctwhLjYXdtXH9z85wajfwO0dgehTwGTUSdIw_6_Gw8aYC5te0x37USFdSOv2uesZGN-PCjnMgdh3oPAniTvUG5sNQBJDJcmuC5Mh6qJcwtBSeRSA_UM-WWvG6yYB8Fu733hrSq_iQzG8Ym3nsumuCB7lznbqKf7cf3FFNe7sd45RaILMAtyK0RiZUM_gW2Od-nr1i2DDU0cJWApaoM-V8x9WkG_VblJx84tpMMHdwauOYRij3GyMnAuWafCxewlYSsUWbEenkjNnfgQxkbYGI13yANSCU8HlLR-5hcUd6ha7vo0d6n-cf-nHn1eEjHRsG2U4oX_UvEYa3hvllsbPXLT3Y8OMndD69wy23ENkY9rYApr_AZPzg33ws1DTNQsJv9nUcgliHg_o26NoYeFvHd2lNtlB4vVE_i2CWPo2OFs8F73b7VE_fWx7ORDuJO3H7JI0VBQe66_teMrcs3vjeOUyPqdENL76uKbP4TIDzj7_haOIf8mqK8eOyIYHEIc3CTq8qwXFM_Cfv6OeX8wppPEjSbRUq2t-68m1SBukqNTLc0f0uvdb3sk6MeOrFM3mvc5pYqiUmhusTE&sai=AMfl-YSuDejDDljexzcyOCvbHCg9RV3-VvSKEl8rbOmeAsc4uu2kdI3qR95Qe4y4g2AxuKlGNY4n_70qcDDOEpZWboU1_OCwPfIlWfZhakMOCGeIARtnAkK822OrloE5G4_YEf_10oYFkIwlqo6TMWWzupT0eE4pySmzzMIKPsFc-6-3ilCTFOQzBi0AYv_vaKVz28U1VkyTDIWMQxdfHn-JTErFkDOCIW3NUd59nMW6USmYa9E6S-W96uNLXVbQetg5_KgtwwMPs33826tUq1GBW0X8BoiE8Wpkq0qb9g&sig=Cg0ArKJSzOa59sRIqMpCEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=130&cbvp=1&cstd=126&cisv=r20231207.06438&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 4BBF 120 KB
41 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8512166502049628260/index.html?e=69&leftOffset=0&topOffset=0&c=Qzh5vFBy6C&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 12:23:29 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 4347 120 KB
41 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8512166502049628260/index.html?e=69&leftOffset=0&topOffset=0&c=PqkQDIZN2x&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 12:23:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 12:23:29 GMT

GET
H3 200 Gotham-Black.otf
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 22 KB
16 KB 29ms
28ms Font
font/otf 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/Gotham-Black.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:01:32 GMT
date: Tue, 19 Dec 2023 09:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597810
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15870
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gotham-Book.otf
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 21 KB
15 KB 27ms
26ms Font
font/otf 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/Gotham-Book.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 05:47:31 GMT
date: Sat, 23 Dec 2023 05:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263851
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15380
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Gotham-Bold.otf
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 21 KB
15 KB 24ms
24ms Font
font/otf 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/Gotham-Bold.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 05:27:02 GMT
date: Tue, 26 Dec 2023 05:27:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15057
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 NotoSans-Regular.otf
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 1 MB
424 KB 30ms
30ms Font
font/otf 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/NotoSans-Regular.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14097169669241079327/index.html?e=69&leftOffset=0&topOffset=0&c=iFwvL13BFN&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://s0.2mdn.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 18:32:00 GMT
date: Mon, 25 Dec 2023 18:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45182
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CC0E 350 B
636 B 81ms
30ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2246923
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiLBnAtI0R%2Bci4w8byAd80N6E8Fw4OuUexbmyTdS32yolOCuJyhTYl9F0s9QeqnTFK5b%2BX0zXiEuv2OHNm%2F0UedXcXfyURqT3O4ZU4zLW4etctR15x91DcfTqrMeZQgTOBJ8K6YDOIoYkztSZeYTyVBy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791dcbcd9004-FRA
expires: Fri, 29 Nov 2024 06:56:19 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 7C15 350 B
636 B 83ms
32ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2246923
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSP%2F1SrcJMm6jy7NMCg2u5aNijVkTxI06pn8J65UIzgSXokt1g2C6nASzCK%2B3Ij94CzR5RRKGCPVurPmi9VesvWf5WrnoqzDGcKSyTDx0o5h2YHKUo8EoN8Sr5x4WXCmENzo3gtZaxP%2FgCMumXGvvh0O"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791dcbcb9004-FRA
expires: Fri, 29 Nov 2024 06:56:19 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 32C9 350 B
632 B 83ms
32ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2246923
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka3aZmAISuUhMQngF5o1gmT3d%2FPXRD8LoGE8qONuBnBD7TedBTlh1VPdNwpLv4htXjwkkc31WBloto7oKySeHe8StzHwX2mfcn0NljdRL9avInyhtKA68kBTaX5eyqJo3IO85b9Z05yi7IypNW6APbS2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791dcbcc9004-FRA
expires: Fri, 29 Nov 2024 06:56:19 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 202D 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 27C3 350 B
913 B 78ms
29ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2246923
alt-svc: h3=":443"; ma=86400
content-length: 350
last-modified: Mon, 20 Nov 2023 11:04:04 GMT
server: cloudflare
etag: "e7fc49b61cae983db8c3a1dccf923b93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEJBoos36xLmUT5JyVeHiDX4jxoy81%2BEQzs8ZcCj%2FsCHpWW9RWW%2B4aA1OJpoS6Ig6%2FxFQXcz0OuWDAVasuml8bRwpAYy%2BxlflwiIwfvEoGSTqrkJT%2FLlYbGZszq3acI7s2Lj2Ghs4oKKGRYorbLoRqg%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791dcbce9004-FRA
expires: Fri, 29 Nov 2024 06:56:19 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A414 39 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 83B4 2 KB
1 KB 35ms
35ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 704088
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b7791d89481c9f-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNNI8mIYr9GpPkp66pq0r%2BDe4NoCZIwfFxLfYeNEcYUAgPdtEvBie1u6U2ao8pvlT7nYwc4luv35bSwKmRcBozxFc88a9XFA%2FC1Yg2CWJSuW0hOEAMPn948kGL6ZwAEfPG2cPDk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame C7E5 2 KB
2 KB 32ms
32ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 704088
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b7791d894c1c9f-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtdSTtF%2FvIvS9LFO2PjhnsTUJNc9tl4KIP6G8kSXwB7p7d6d9eOCVV4XrZqX0QN9gWyOu1GO4oQE82dVZg5GZ7r6EMDqxbR5hcYVeJpcW4KcxVA2%2FaAKT3ffM3Gtq6xIZ%2FRpU2U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame C3E8 2 KB
1 KB 34ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 704088
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b7791d99541c9f-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rv9cN7lvLAeGYsJgMGXH%2BUc%2F1XwLGZ1WgOr3Zh9GKSe%2BjG1FJCLFeTUppW62%2BJ7v08%2F8v62LxQMlgnmf3xheJPFCM%2BdE5EklXFsN2wfLPrbJ3SLt2CfsjpqfodVTQ9EsxbfWfgQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie-frame.html Show response
ad4m.at/ Frame 0EEA 2 KB
1 KB 32ms
32ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 704088
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 83b7791d995a1c9f-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: Wed, 29 Nov 2023 11:19:10 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR5vL%2FfbiagPIxdCt224Grwc8h9aLv3VeiOhsmCTN%2FPQ0RwkbycAczfTUpLO3i5DWlxWM5wDaD0%2F3Zi64y0YxEJpJqZO4JwrnpDAtVJ3OtP99RqDBRon0P9ZEYAOCq0XvOapQOs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9982 0
0 61ms
60ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsupauqLfq7nclt5Lg3evQvROve5dlB2WduQvaTTTjp_nnMZuoIW1Yhc0wfjtPqG_4YYA3Qcyv7CAjQ_YT9rYu45renLJjMb_eBEFupY0_8OhkEXVPTac-anGJ3Tt-3pIubYYewYvdDrhyd30kbbKGvTTDsHZau1J4IBlixRCtObUKJ4WVNm8mtDTxCkVrwnOViL-HlLLx4a12UPdU7YvOOf87QUAdmHV5K-DBc3CaYjas7FtVF_OQ5_N0UJdtz8WBBZqXyee80pRdYPngk6xg3mBeynEBMAIQ2Fj3iUmVIsm-GwTxkBdBReAwZX1Nje8BfE2OxDZZwLQKq65xhI_IK3L98iwKFrx1ifISdWzryMxJtByxxIPiM38WpDRedxD0X36rb14nphlDZDOR6ixJR2earEpGHO1HKAyxzBYiAUclWYVO1hWnPTCakTldH41UjVSBFv2B4_2jxdTL0YQ2ugyDIcu6t3dlGzEXY8GcDm7T2rBgfbvb6ke1DFpDtQGyTLYkBmdH6bwAvQTLc6L50liTsX1nONehbhtTo5L9EShkgQeijiELolBYeehkll0VlKh2nrsI6LbLr2iucv66DFgsoYxoMcTa4GQxSiVIDBBAUYfNQbdVZiK33wsppX_PwPIrJhwzcN1D-z5GIcTtqKf9MsToPf243OFmx2qB6yHL07DYV7wNc7_Ndp46E5o05oKCcYwEkOxC9zBExEVYiGqEifXIykviab09CSVS_1agbWTe9bFMhFg8w_oxxWrot4tb82OTT2zuMQQb-7Z4sxnKYwqMd4HuBHIJT-9dtk8d5MmyBPWUsfg7WLtiFdzHBEnCy2PlrjFqfzgsZbtZAP2pQq0X7j_1btuUksCZZu5txPbdpKiah0DiTuRQFHZz-R-uxxr5OnBaRmJGSmgplD6rv6INI1DZ9e5AWgG9uOUflZX5fF4qSkZMz_pjFrfgzqG-pqKGfGMFdC9irLuE0tJWDtfE0ckUiIcjqZ5Xl5STnj93DXLmaXDi7jhaJnxMAqeA9I9huw3GpxS0lAEFPzztD4cjsnzm5ZMMAQjh4s_S4cvdtPuAyeo4O4MrXA0zLAs_lwKWRjc9pCvtN9SB6gCmVIieP_z7jvpowZkCo1sISTdfdL6JiwcnGHKIr5CtAE7qBDlMHR6vQEIi7eYBWm_P2TX9LqiAbnBzBo6VytCJjT-KBL_FFMThbuRCg0LNgUpDAxrF-_rUPasuN2P3Pip52ZN5h-i6BpHOXqc2NdOeqnHujk-7FJfyWAIQj48kSoo1UfldQkD7-13Cf3Mc0psbogHPPhMz9SE28E0pJrxD4tvXYPizvVDrSpOrB6s2A&sai=AMfl-YQdYRxQ4TfOwKvVsdoDdCnGWsVDswftZXdgrLo1IU8sZro9KvzWfif0nDRQ43oZzPe30tIQpUFEFiBn5nV4tuoDhGZ-9JXxRduE0uRhrxmslQDndgXuMLLz4SfpX2FCdF0Dk7u2pf4QHhD_iavGi6P0ucbVhSYbyiiB1c-HGeSuqobxxDNe_TgpnzWvQa3ZYrjsYmiPDTo2pkfHEo4jTnHqUwf-5kWg4jZ3YAG9vChRLWvclKZFOwU4iSfp6qkxdmDnpVVR58FXQYDqKEa6Xm9FUJrr7HiMQIJnjw&sig=Cg0ArKJSzKtEoHM8mLtjEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=333&vt=11&dtpt=232&dett=3&cstd=97&cisv=r20231207.61884&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9982 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2059efe10edadd90e619f86f7559c0f8a4263f52a07442783b00efd38ffde9b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 902D 8 KB
6 KB 66ms
65ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c217f2ca39d9c4f8be58f3afa83182757f37042c904260cf592d158d9fcdd6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5842
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83E6 0
0 62ms
62ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvgbwIEHpqQuFY0-xloNUTtX5K_SJX0eJl6AU3SeOFExKS-fXjdiBYLd-Of1bkOu-AlXPLgZQuSTCfWViqxF9SoEHsAlJDIoR_zwrVOCDryzXywSYDVrryy9DW4VR8brqWfCTWa_NjSakRLGtpo92ETSnjUkSitlBwUd8auz249NUdkvmlFgc5NR4WG3q2WzRxZ4igxuGlylnmkFfc-ZzlcQ7Ga2FjXXJ4M5TSZMxlHM0XnBgBw5YoF7lxpdBeF2VtOleqYRtXNofzPmRGsVr77xCKhDA5In8syDExVfwj4sWS09lbNdYkgmbVY74aBW4VPesijuAd9fuJFn2vkEIT6hXdGAqXqi5xBhTDFrjtiH8HGLpgJT3pMOGLTSiqW7J3qioUC_fXPQMmRq_g0kd3WdpIJ2XBcyap3cc3Wv_eUMs-TzmXShZlHGconFLeFhEp-mJDpvOzjFGkiceyUqrVImjtP3cUcZEwZfCrYs6GKQsNIA6YDZnuWHewccm6r3Epv83n5GZ87yEOWr1huvJuoCWqKxk5WfLR0Cly6fNJ7FK3I6mjQ12oEv2pqfgGfAwMkt66FhlYadeWA3zY-i032z49nmEcILVzBljEv4BXmqv14JppaRaoFSPil34ns6KxjutECIoX3tzCHMpZc9E3LZTmKPiALMOeDUJ9sLRj2OXlhNAd-_DIu37cHtacAO76-8SSCt7064oat8ceKZMCq13OPCBronSM-wpaeELfK19D5nvuQNctwhLjYXdtXH9z85wajfwO0dgehTwGTUSdIw_6_Gw8aYC5te0x37USFdSOv2uesZGN-PCjnMgdh3oPAniTvUG5sNQBJDJcmuC5Mh6qJcwtBSeRSA_UM-WWvG6yYB8Fu733hrSq_iQzG8Ym3nsumuCB7lznbqKf7cf3FFNe7sd45RaILMAtyK0RiZUM_gW2Od-nr1i2DDU0cJWApaoM-V8x9WkG_VblJx84tpMMHdwauOYRij3GyMnAuWafCxewlYSsUWbEenkjNnfgQxkbYGI13yANSCU8HlLR-5hcUd6ha7vo0d6n-cf-nHn1eEjHRsG2U4oX_UvEYa3hvllsbPXLT3Y8OMndD69wy23ENkY9rYApr_AZPzg33ws1DTNQsJv9nUcgliHg_o26NoYeFvHd2lNtlB4vVE_i2CWPo2OFs8F73b7VE_fWx7ORDuJO3H7JI0VBQe66_teMrcs3vjeOUyPqdENL76uKbP4TIDzj7_haOIf8mqK8eOyIYHEIc3CTq8qwXFM_Cfv6OeX8wppPEjSbRUq2t-68m1SBukqNTLc0f0uvdb3sk6MeOrFM3mvc5pYqiUmhusTE&sai=AMfl-YSuDejDDljexzcyOCvbHCg9RV3-VvSKEl8rbOmeAsc4uu2kdI3qR95Qe4y4g2AxuKlGNY4n_70qcDDOEpZWboU1_OCwPfIlWfZhakMOCGeIARtnAkK822OrloE5G4_YEf_10oYFkIwlqo6TMWWzupT0eE4pySmzzMIKPsFc-6-3ilCTFOQzBi0AYv_vaKVz28U1VkyTDIWMQxdfHn-JTErFkDOCIW3NUd59nMW6USmYa9E6S-W96uNLXVbQetg5_KgtwwMPs33826tUq1GBW0X8BoiE8Wpkq0qb9g&sig=Cg0ArKJSzOa59sRIqMpCEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=337&vt=11&dtpt=207&dett=3&cstd=126&cisv=r20231207.06438&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 83E6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f2934b956f4839f93f401c44a753695de1d76dd457f52a832a45ddb2dbcd6ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B50E 0
0 62ms
62ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssekJYEaFPiXV3BDcH75CHOCQy8uSRCzu-Q6-V2T3YbcloJBmSLOF-BYelqRazvNU6vNNVEaZwybZrEo7fx8ayXZrc_z-VNdTVYRFaXVhq3WlWp7s_xpLVI6hP-MWeHs5Z4Zwo-Tbx0BGrbJbUkTF4U3gNlCG1zG60Z7ortl2BCoYJJJBMOiurkifPS_zZ53ksNnWwaeskQy3uQxsnj_Wey1jVrO8tvFVRSMVqEyTiUj4z3HZgRSru9cf4UjEygwY-M0UiZGqcJEd1_UA2aLrETOfpNXIev9WddntjeQzBReikY2bWUeUiCNZ5dQieMnyvrsRjgcP4sWueCm-fcPVe7USiBSk4ly5kzcrrostlTaoIl0Oax7WwVADNc4xYhoCRvKQPlPhVogW_VZbLTpSyWGdXKyw2ALZFLJde3rLnj-D605FtSlhm6vaEQmwGlbLZdn7zdKQYC6ZccCcpca8PUCpp5L5x1M-0Xcn1JMEwDefYmL5U_XK5j8DLjwQyQEQFOQyW9bj6LHH4JRO_Ta1MgsHJUh7b8AflmLn4faY0wDYKHeCsQafw-k55YJaMCjyaJBrjP4rPppvUeVe7rKn6ZuDhSfaSpe-_LGEqS1c2coHgYqPnDV7l85X0giDN18kc1GiMjJy5iutfGG60TvKmxX7_aOA0A2IAYG8tRyk32BPbjhSh-JsvvsAKKww22qsjV96r0_iU_IWucjS1aJfYamj0AIZNno0OVCdjkXtcTyHuAKqzoksJCtmKe2jp6t5U7EChiKhYVjnswUs8YBjChbuvrpXjy36vsFVM5jxySdnE20Ec3yMeat5PEyIhXO5wch9F90YVcjtiCqiYGnoExR_VixIsmT3EksnaOAJ18ccsT3fNe4l0-pn9Cvw7-KhL--U7kwyrwHD2z3-8I_xfmD6Wk4LzJWfJYfqVB2XyOQ8H_dobwV5Jz23GEl5jqDfezuTvOUqxwxU1lFt_QD4ZNJVtutUzHsHG-enzMw9BmJWDIb02gfGUbqwPQqZ1dqd0mUMTnm3LPqto_FWfuHg1dhxYY7DEnC5W55C3OS1dc_u7tDt70yk-26ORQoJ0Cvmt6S0ggSqgsVYse7mw8jy1Wn0ySKvgkN0N_BUv-id1-20gzUzyv6Nzl4rXwHuHNObKQ28mr3gTqskTmYtj8l2FytJwvXPKlWhDEsAWyWf_42V4HG6frfKL_XwTsTTJ02f6LoON7Jp8SiKxf3du3xfhdNTV61GCO6LQJc7WZeqsXLIKlOIkW-H6xeLMhDU40BfPBGG2NDocm_Q32Angn_elOtc1XHa0JReqUGOulaRP6nIl-eD2uUrNDPs6NJiL_z11Lx-ZFMPxzjw2FqYe26qLIHYfp5DIeQd1206ShjcjdcrmP_LUKh4B7&sai=AMfl-YQdfWPMEZn9CbCmYbApkBISeNkmE0i-SPzbboKZWg2QHBJQHUiCbPxrpr4juU9mDHF7bgA3D2_IvSrhTyoh6cSUb9WXIRLUawDJd7M6G_ONL4TdDCSFowwNK4qdRsCb6sQT7gbdSsrgMRq7iCfM5Cl9hg6bQ8D9C0kzWDoqJ_5Qs-u5rWPBQQeVnsZlFIIMRzfmuepAJoHd3Pwpji4SWKVW645o-1cuozxy6KGhhxbODR_q60qa38n68K0tINLBnytnYXLgsRhjP5sH14C47X2RXE183vb2FPX8R1RH-gUCuvOHJSAkoCvg1I2fYi3hAVrFVuIqmqYpwS1y6zpxdxHKbCAZkKbfo_paUzR95uLBZI7Mt4ZE8FSjZHl4mxZ-UWxO0e5HZR9tPrxl2lQDZjOrjvO4smiCw0837OFYyc3_Nlbwdy1TlrRJAgroTnAgE2yMmHBuVfw9F9ORN6GgjXSAi-kWA9ZqSrjI2LeTHI7KzN0xUGsnVT0bbnQJ0wK6xqOKdw&sig=Cg0ArKJSzEX8JX4OhlVXEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9yYWRpc3NvbmhvdGVscy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=664&vt=11&dtpt=486&dett=3&cstd=173&cisv=r20231207.05439&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B8D1 0
19 B 64ms
64ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ca1eAHXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEuwFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdNPTkuCa9cMKMbECKwU-fYKeAVIF3iocTS551lgMgqvRfeQIAKw0gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDUyNTY4NDEyMDAwMzIyNhgA&sigh=o0hxsXqIxIw&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_seU6Q5oqQkzOEKtTlEwEn9-nM0oXteXc5nUSWqjmlgHP-_on9wkNt5b8SpcOrGHX2DykeQU2WhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame B8D1 0
103 B 91ms
34ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k8r0ffhdv2esffddnxqamy1pbd5taxwqvbs3dn3jbke63wpe88ns175r4v9agby9wbzavzd2zts814rd8yb7fnxfwdtfwds9n7cr144fs04gs7yx6dq1gf8749n9f0r53cfeax0mwzg32733059z7djxay1y875zab6pxemffyjyjpg0f5bww6pwb46rd19qteqt2wqt7kk0gyz3hw4xyjwpn96vbz7xp42d8xh2dv1kfq3bgs5re84thdna82zrkyz60dn4mc5jjbqv1rfgf4y5bqeqz3n5vbpp67jnaaf0wqxzy7kr97s34ptzqzcnwvr4fvh6xdrdaxacvmmyz2kargg5emmt7k4p3wez2pmzm8e1mnwk69gb03ggp82n69cze6awp8gwzg&b=ZYp7HQAJymgIu8ZHAApdTgCR_VU9iX5WSPnsuw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=3303847354&adf=1582290432&pi=t.aa~a.1227727605~rp.4&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280&nras=3&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=1358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=101
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9E1A 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3v0xHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEuwFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sQ7t4-yPMqbUhbTRsNybWubKcQAVrU2FvZn_mnsGEgenRrkny9c-gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDUyNTY4NDEyMDAwMzIyNhgA&sigh=1lfdOk18pa8&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_dukrFiFRiWv1pe472i3eIeiuWEJjuU2-VIkqoND4gi3474oLe6wf05a8vcmgRpSK_lEdDM8NGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9E1A 0
39 B 86ms
35ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jq3wzv3c7yc57nz0re46m9xk9ktr3bpp842gsneqj7t9n6ka9axb7fhxy04htmx51pqptn5bjwh65tbpas61gqvyc9rd0zwaeastvbt350nfjxpf3xfssawdzq1zqm4b35rxjz70sh9mj01r619jfxzhr118pkz08cc66sx4x2n2fprrhd9m0q478w4y68ks5yr1chzpbva2vanryb9sccrd6mjn9f2cq65y6xg5439xbb214cfqsqaxb3sy23vgdsyeft84kgx0fzzfy8x8n7v547pmw227mq9g2d3te5w5b719es6xppv1kgekmhbpcyyy0420x11hm4rwy95ajrzth95g1cjsm8zr8rxz3yz0bnm14jwc39gf1hfh19fk2hj67wejj6rfe8&b=ZYp7HQAJ8XoH_aMvAAI740Ecq2vzB21y_WY5ew&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=280808517&adf=501350246&pi=t.aa~a.3437311115~rp.3&w=384&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=384x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1088&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280&nras=4&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=615&ady=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 902D 17 KB
6 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 07:05:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A7DA 0
19 B 64ms
64ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeLtLHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEuwFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVUTPNsTCBoMcqfTXhGFna37jcJsmY-R10G9uVrB9t9bpPGXXHveRgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDUyNTY4NDEyMDAwMzIyNhgA&sigh=Z3lDojX95rk&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_SKtHvtZ9ycv_POrkPS_7bRnRsK-lCSRsxn4Wm4tqPkpkZiZbN4VkjFZONgwBV8Jea4bn5dTaGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame A7DA 0
39 B 83ms
35ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k933mxygcamjcxq7mpmq7kvfqcxmczdemn6b3vcvxzcw3nr4h0sy9z7vcy8rkftzxgt7xh0esdkxsh5r1cgqv5yzbry7j43krqazfvs8de27063wendgfvk93zfce8329a1k8jaq7vxkhpsgg2m9tp3rdrbgh6ph5fqmdds5pkmgt8je7091gcgk2fvqw8pnk73fgp7h0tdws0rg2vftmwvt34va8avmqprmczp29fn0hgdc789vm94mgd09121h6v2rh557p1fkaakd5kx1hnde0e7f4b0ywgmds7wwjz03efsw45ecxm2003nrfammvd3xh85s78cmx6bt6cgz9sgerw5djmqga6pp0a1bxndsv2dag2mx45tmq3kfhk9swqyr1fmd92bmh8&b=ZYp7HQAKBvgIu8OXAARrGfoYM9wuE94fAuK-9g&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=2492854786&adf=113491572&pi=t.aa~a.4074808907~rp.1&w=376&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=376x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C363x280%2C376x280%2C384x280%2C321x250&nras=6&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=2049&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=117
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 29DA 0
19 B 70ms
69ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cs1f7HXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEuwFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxdIUYkDmzsnZBjFWm87pdmbUQWe3i8vRqNK7QedDzhYXjzAqI5iDgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDUyNTY4NDEyMDAwMzIyNhgA&sigh=Qr4zZAIKZ6w&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_C935B8ChwodxoTNpDJKpqprSL6d5DWBvRpG_Matz-s_U-WB6Fk4YMkKWbMjiJ9uzIa3su5GgURgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 29DA 0
39 B 69ms
35ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jv7933sag0sjcqpxdmx3cdf8f2401wmvcwxwyg5mrdzm2r41zjepennj2k7156pvns9efz6p164mnkgmcpfy1wsghj2z4angp2xkqfrdrhryqw8n0acdte854fdheecc8n45f5f7wrbzhnfdv6a64kj4avb18fhdc63c1xr6jxed0mjm154j72g1t3j7ag8yfs06thy2ke8pnh7f4mzs86x049dc3qzwjyj818tzpvr0s8sbwpx42g4herh0an6p3wkq7qp23qytmjcwy3f208294rdebvdr1nz18hr29cv32egnnhnfn9jb61har7tcxbvmssfzcqpt1vet7h3tz8c68vhtj2wfq4s7hdbn4v6d8h66wn4c13ynnzdfq8rrsdz0sz6gcz6q2g&b=ZYp7HQAJaaIH_avOAAqGwn6XxG3zP81F2mqB5g&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4525684120003226&output=html&h=280&adk=1403818051&adf=3784560394&pi=t.aa~a.508635323~rp.4&w=363&fwrn=4&fwrnh=100&lmt=1703574301&rafmt=1&to=qs&pwprc=7397080497&format=363x280&url=https%3A%2F%2Fheld24.ch%2F&ea=0&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703574301517&bpp=1&bdt=1089&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1544876262172&frm=20&pv=1&ga_vid=488114919.1703574301&ga_sid=1703574301&ga_hid=1991567452&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1022&ady=1404&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C95320239%2C95320885&oid=2&pvsid=2048463497000382&tmod=212962446&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=75
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 button.png
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 309 B
346 B 27ms
27ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/button.png

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 08:55:18 GMT
date: Tue, 19 Dec 2023 08:55:18 GMT
x-content-type-options: nosniff
age: 598184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 newlogos_728x90.png
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 11 KB
11 KB 26ms
26ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/newlogos_728x90.png

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84297c23f08a11cf0ebb76b38bf55ccbd7065c521ee29d41781e3260f10acce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 08:51:41 GMT
date: Tue, 19 Dec 2023 08:51:41 GMT
x-content-type-options: nosniff
age: 598401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11005
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 43882346_20231027052001606_Christmas%20Markets%202023_Cologne_DCO_728x90.jpg
s0.2mdn.net/ads/richmedia/studio/43882346/ Frame 902D 42 KB
42 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/43882346/43882346_20231027052001606_Christmas%20Markets%202023_Cologne_DCO_728x90.jpg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51ffb5d890658f2cad0642c2d28519528e08a948e6a369b207c9615da13f381f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 06:12:36 GMT
x-content-type-options: nosniff
age: 3146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43112
x-xss-protection: 0
last-modified: Fri, 27 Oct 2023 12:20:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Dec 2023 06:12:36 GMT

GET
H3 200 1200x628_RH-Radisson-Hotels_RGB-GREY.png
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 30 KB
30 KB 28ms
27ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/1200x628_RH-Radisson-Hotels_RGB-GREY.png

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 08:55:18 GMT
date: Tue, 19 Dec 2023 08:55:18 GMT
x-content-type-options: nosniff
age: 598184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30313
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4BBF 8 KB
6 KB 66ms
66ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3465dd6bbf8475d71a78430a0ce7184dabeefdb52408e0c428393aa9bada4829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5873
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4347 7 KB
6 KB 69ms
67ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5a8ba5dd4565e4f383c1b59c23e3cca09c7c5e27694eeae5065b0d23e834075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5799
x-xss-protection: 0

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame 4BBF 13 KB
5 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 02:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Dec 2023 02:12:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7E94 0
21 B 62ms
62ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2Cr7HXuKZbDwBqah9u8P0Zm7iA8AAAAAOAHgBAI&bg=!EBOlE1zNAAY3kmNgF5I7ADQBe5WfOERX2VZNMGAO-iAOgGprugJHvvfLmrGIYV94jrtc8Wfe6ZKJlsSvIS_dXcpRMA1MAgAAAR5SAAAAAmgBB5kDUeuP6Rf1QOt64zFhvuF8Ot3D33ybjwfBZXFN176D1YsIpyYoRLUkvoFhOq-hrs8F30zyaBiMrrvq_ts8A3XHKVSZXdB_zY_bfM0X_qDTVSezZVPkJsywVxiGMts0A8YoptGTZXa7dGGwKts9l7wgw6Ea8bXr_WNqw5Cbs_p55wDOm58AqzNhj6B6XQtzE7U9cafpnC8dxxg1NS5RjBlZOS3rACGVjR4hKk3IpMdtg4YtFb7n8IEuCXLKyPrkbPziOt8fIrCUujb75N5vxYsYasEgch-bIWszRIJ2gOnATI1TLLKKAX38GbsxIbtYCXr_dOeVfe5Jgn1uHdlmIlhYMyPFzlFy73jYZqo9Rw2Tb71YUMiHnQr9HBJuRz537XUVvwh9lsLGxWnYIdStfpdT_iNQsbdJIQFuPaiFU3mRVpByVRXRjR2RSneM2WQMAKVqh4yiYxGFzFlGNXRARFfhk55N0SGksANAxljMQL487g14T87U30sWy3fIveF7aqxdLwlQb7VOMqBht0xkAriQSPTSUEyBqKmG_QLCS7t_-3szZ_twoUr76tN8NxTZ4SpErN2hDwWq704b9kLxQU93_KteS5SdKa28Sv-8c7-cVKq0w2Bf9aJLL_2w1z8RYL081gwL_KAAgSK7QtCmAlGu6mEBcaVH3YbPNCAfPTU7m-Ybo1VVp31m-DDFlVAkCxLVJ8zEAtA2zVsVgewclFdPRENwxlX2sWmmcMrTo7NwsKvjFUTjvcSkQkopB7ekAA4UbED9sspWH9gNRIEF1lOq4yPXjuCEYdK8Vk90mCTE1CSM3FFWK2F1yPQ2ZLSeL6CGoxC2WaAEI-Fv9qD1yYGOnHuK61Gh_WM6rlj__7Be4b3CO5U30fJde5xQMKVn3oSKvoo_djkZLqsgUbyghLYiTN4yE0xyXOhgh6bxy5labo5GUOUvtkepXgnOVTEid2vtRjkjCNy2rX4GlnGkzVCv00ScrZpg_mWz9m3x2cM9qzh1uer8BSJ79bab2wQVGM0OdmF9XAWvKGB6LXHYcfvzcpLfyqMYV5djkOUtB3kSK9hEma-LC9ejtXjAJ2sSoIBkl8e-OvJxM0y3tbP3QlkeBy06hf_kC55Ad9-B14Tk_RZKZg

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame 4347 13 KB
5 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 02:12:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Dec 2023 02:12:55 GMT

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 4BBF
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag...

367 KB
367 KB

125ms
20ms

Media
video/mp4

2a00:1450:400a:8::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D052A063DAD9D667EE0A7048984641A7B5EC2E5.82386A07D4579410AE5866F57D9434EC9BF1EE88/key/cms1/cms_redirect/yes/mh/Ko/mip/2a02:6ea0:d418:0:5b7::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1703572960/mv/u/mvi/5/pl/44/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400a:8::a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fdb3fc721b9e0a55b21f3a921a610103d29974450935a700158a06f60340befb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:05:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Oct 2023 13:51:03 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-375711/375712
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 375712
Expires: Tue, 26 Dec 2023 07:05:02 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3D052A063DAD9D667EE0A7048984641A7B5EC2E5.82386A07D4579410AE5866F57D9434EC9BF1EE88/key/cms1/cms_redirect/yes/mh/Ko/mip/2a02:6ea0:d418:0:5b7::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1703572960/mv/u/mvi/5/pl/44/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

https://gcdn.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
https://r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag...

367 KB
367 KB

122ms
19ms

Media
video/mp4

2a00:1450:400a:8::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/127FE2FF8BB186EED7EE1F80FEDC8EF9F435CBDE.30DF14099FF782C3F1057E057E12D34EED335492/key/cms1/cms_redirect/yes/mh/Ko/mip/2a02:6ea0:d418:0:5b7::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1703572960/mv/u/mvi/5/pl/44/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400a:8::a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fdb3fc721b9e0a55b21f3a921a610103d29974450935a700158a06f60340befb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 07:05:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Oct 2023 13:51:03 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-375711/375712
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 375712
Expires: Tue, 26 Dec 2023 07:05:02 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-1gieen7e.c.2mdn.net/videoplayback/id/b724c99b88314837/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1735110301/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/127FE2FF8BB186EED7EE1F80FEDC8EF9F435CBDE.30DF14099FF782C3F1057E057E12D34EED335492/key/cms1/cms_redirect/yes/mh/Ko/mip/2a02:6ea0:d418:0:5b7::1/mm/42/mn/sn-1gieen7e/ms/onc/mt/1703572960/mv/u/mvi/5/pl/44/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 652
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 902D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 newlogos_728x90.png
s0.2mdn.net/sadbundle/14097169669241079327/ Frame 902D 11 KB
11 KB 23ms
23ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14097169669241079327/newlogos_728x90.png

Requested by

Host: held24.ch
URL: https://held24.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84297c23f08a11cf0ebb76b38bf55ccbd7065c521ee29d41781e3260f10acce2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 08:51:41 GMT
date: Tue, 19 Dec 2023 08:51:41 GMT
x-content-type-options: nosniff
age: 598401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11005
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:26:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 67ms
41ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b7791eddf72c59-FRA
content-length: 24
content-type: text/plain
date: Tue, 26 Dec 2023 07:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3aAaMLqY7LL1voAfedyvEZIZtwTVbELW8Nl2BfKMEYq8NvkXRux6RYRmmHJn7RySObGRDzSjcvawDbGaC5vC6JD4EUSU2hoMmIpGmWjVvIRgdwWJmfzsZha6zbCm8HzBvwhB9U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8f05

POST
H3 200 rs Show response
ad4m.at/ Frame 7C15 1 KB
2 KB 44ms
43ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb13530dbc6cb041023f7354969fbf9fa873252144541a95fa5a5bac8118c9d6

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfJbWZfCvYgzg%2Fm9JZ%2BpWY2d0dfQRh6XQjbOVBZsiKh7%2F4RMt07rbfvjS4rc%2BI5zrFY9%2FmU2%2BXvnvkW5GpSgJFiHBGxEOX4Q%2FAhN4FyaGsB3aDfG6ssdxnjY2h2HAJw3nxMatoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b7791f2e352c59-FRA
x-backend-server: aa-reachservice-group-europe-west1-mzmz
alt-svc: h3=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame CC0E 1 KB
2 KB 47ms
47ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa2a873fb74a7ab85518958dcb7d21a5867a576ea9d855fd94609ca951deb3f2

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wc8Byuhj0GvPM%2Faqc8vBa%2F7v5SZaqMzXevE4AzfAfV8%2BHBMLWpquGNYPzz9YXCFOcjYoRKGgrkUOBz%2FciFxJ267xjylmKd8CiUb70w42Adt4fWqJdSZ%2FSIehMVHPA6MozuXBWag%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b7791f2e362c59-FRA
x-backend-server: aa-reachservice-group-europe-west1-8f05
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 64ms
43ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b7791eddf62c59-FRA
content-length: 24
content-type: text/plain
date: Tue, 26 Dec 2023 07:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B%2BcF%2BfVZoaIEQOFi3IfvisGGjHoOGCYjjvnLMh0d6vi86VjXAZctMMrb%2BJ%2F%2BgfoJxs2NoM2wF4CnG0vZV2KwowVVguTu8EOh%2FKlU0mqm7n4SuVY6jpAQUwZqMqYEoyGmg0EUgU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-8f05

POST
H3 200 rs Show response
ad4m.at/ Frame 32C9 1 KB
2 KB 43ms
42ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbcd77ecab66f9f76b9faebc880a03ed5af5b3a0fed6ff39838a3bbc1217a107

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9K6vGOWz6%2FBka1bdqjVOLoHJEqKCcxL4paiAKKTGHqnIJRoFnhwC3%2Fh1dD9HAWKxmXqkJBiIwUKh7ZB3XsPJqVdrXr%2BhdT%2Fub1ant0bx5%2BOYhgBqBpVDXPf5PtORYkmDlrr9x8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b7791f1e2b2c59-FRA
x-backend-server: aa-reachservice-group-europe-west1-mzmz
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 59ms
39ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b7791eddf52c59-FRA
content-length: 24
content-type: text/plain
date: Tue, 26 Dec 2023 07:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsH89AflGLiQkzKHfqofg1MKtXqrSrIsizHmasaa0ZHVd9h%2FedwfoRgM95alhcUxm16ColhECngpROKVXq%2BZGbdeijPeRidLFqJ6971nIjlaqilLuHfJkjn314ZrVkfqoXq4HzI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-mzmz

POST
H3 200 rs Show response
ad4m.at/ Frame 27C3 1 KB
2 KB 45ms
44ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef8764ed39e34f936e15eb134fc2691430101699ee603b624d6a43fb84c43bbb

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGEv%2FPnDXg9YvC%2Btw91DUlG9C3ICciPzdF5ic2SyfK2TNG09o5TC7vR4A7Z2%2BTkPtuF2%2FgfR1D5YFFAX%2BHfLRVSycsq8Iksu%2F18lFeLWcOgfCOTPCFuO4VMKUwqsoKibonFP2Pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 83b7791f3e462c59-FRA
x-backend-server: aa-reachservice-group-europe-west1-8f05
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 71ms
54ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83b7791eddf12c59-FRA
content-length: 24
content-type: text/plain
date: Tue, 26 Dec 2023 07:05:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4Xt6wcv68MkYq8PDkLOYXUusRfEJzTvSIeJTJRQTXV9%2F9h2sSCsIx39hL1xi2nqoKIbgv4o760CgAtTv8Q1SyyTcRz7FEKpTa%2Fxh5T%2BM7UrYKmsM%2FENLYnls%2FAfHZT%2BNdYLsp4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-mzmz

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 76ms
75ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5270f4bd8461f7c6f72fce6a5cde3a770597db1d136aac7ca4793e636c82ee29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12212
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4BBF 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 07:05:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4347 17 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 07:05:02 GMT

POST
H2 204 mod_pagespeed_beacon Show response
held24.ch/ 0
84 B 40ms
40ms XHR
text/plain 167.86.103.144
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://held24.ch/mod_pagespeed_beacon?url=https%3A%2F%2Fheld24.ch%2F
Requested by: Host: held24.ch
URL: https://held24.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 167.86.103.144 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi525362.contaboserver.net
Software: nginx / PleskLin
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cache-control: max-age=0, no-cache
server: nginx
x-powered-by: PleskLin

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B60B 39 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 202D 0
21 B 62ms
61ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTLC3HXuKZfOtN9HhgQefnZn4DQAAAAA4AeAEAg&bg=!_v2l_bLNAAY3kmNgF5I7ADQBe5WfOGV-8XalCMAAuP5TJHwT49ftmjXQgqzHZiEixdMB-BjiyIsofyiUW5rhy6d6hLgtAgAAAKdSAAAAAmgBB5kDWzbB66iQ_BJ3y7LgJ_mSDxQCVcuU4A0zNv-ShgEg8aFDQFyA4j0QEqqPfn280Li-d7t8kLM63JJt5OxLpWaJctZuPsAE1rfENEfwkOH15ud18x7WJuZLo_bAGELYlEkLVQQIiJgfZzbxPmFqqROTbw3goF0iKWkjDWvWcE3QHyPZy5pbBDHi7ZFTBtmxmdM_cKuoWDMdrUP__-Yi-QfpkKlBsHLltUCxY_PYhX06BqgAYljY-CPkJY7L0qDayInvjd2HLnlQogSJTXuSReJsL1bpSDCRpIEXQjvS27kia-5ErHrpoF-TfOytCLovA7207GLeZHz82MI8d5gjzC_gen81pbAY5frhMc5P3N3iD3HgO3uGpSBhslPryHEo4XGmwHUV3r75y4Rd7cYPU-3d2pZr5GYl5BYhOk7jVJ_7sGVYsHk7-euUMLOi5PXN0oKrk2FIXecSLBUJs2QVgAe6Plg1tB35i_Hrg4-LPR-Q7RftVaNXvjLNQD_zysL8EBecBgsYbcoAY-Bggm8x3gsY-fhau32K5JCx9Sr61vaTCQkG3EACb6rK3a6PcJgAoSPl8QctA_SO91lHLNZwzORAGYPdGRFQr_hougm2ucbpR6QnCOA5I_yYgmrbma69hpsg43u4zxZt25Q1lkwx9S1iqGZ721wc3LpW7qqrlZfuox3jdzAofN6CySY6lucjV7jtolAydY0IKjaicSqbi3Wpir-kwO1bL4u9LE8Ti97WCIk5yct4GfKNJ6rMWOyrjqMcyXnBITARtv5bGt0tqy7lVJAf7XYQNdato9LwL9_qbbzBSHyS59E1Fu08iBIrAx8vyHYgbyJ7yt_UIfkFPnwB8cXmlQ5rDcwGMLJsoNS1kxwFTfLt9MaAb50K5HymZ5vj4Ze1Q8evhKky5pxcNQJJ-0PLt-ka5BOoE1-glw00qo4GTVyZcG2QxBFQjonp4dy4mJctbiQxuLrpgKQUGMnYRc49zcKBRqfK_KE2avVw3O2uGBIMnSsslp4hLPAXR_bXEZW-LxMb2UTGyn2S9Ki6o2mhcTaTFUZc7oB2JLUl8_2m08pcgb1kZPN8cd2MqonIiKTY-CRZhp4iL_6wF44imsfqxoUyIXJZwmMxqSjk0-BGfd75JYLampAfzjE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A414 0
21 B 60ms
60ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BsNziHXuKZZr8N4a3x_AP4oifuAIAAAAAOAHgBAI&bg=!S0ilSAfNAAY3kmNgF5I7ADQBe5WfOOcbQ1aq8R22IpMg8B6Cep4wjxYcwdUeJ2L0zvhvt_Z1z-72W1pPNr-k5L88h7lIAgAAAI1SAAAAA2gBB5kDQVaDlQSLIhz9FDU8vAkJmzjK65orWGYdyIlm0LKE5FvQdWiSTZk6c1BgJCZsLZNReaBrAbKER_0PSGYPM-ZIqvFm5mjXQSXLyFQmrT1Fk6NsiyzxMAFebFbli7FDxTCrED8AGxcbODjvyA8IJC1P9rydIilzi1W5CvLh7E36yIigvnMZCkgW7jlZ5UqTruG0nrXcniQ7Fje2wjD5poxgi1PqYck4lWfoklYv5awBkU-M8ZYqzuol54Yj2n6Jft_4HXLdSQAvEUFcb-snPGsB1K4GgNqOLxYPH4TLA-6XSCdwLwCiHXjDqLwHAJ_yzIWsMrkxrj5BwQPc9x4RjlqSfyV7uQjIsBj7IGLAXT4RSej-Sl7BXwZpe2MsKogb7YeCwYegvT509K4hFStojD4Q1v5qmu76aG-gKQoF2WqRANwNg5N-Woaje_2BPS68HmfXnrCyc768PoKRQr2F-zio3FWQAfsVxak3kTyE5FuZnQjKWyAT8t2_iTazvR1-i-24CthAOw9IVWkaoUF63FmwAyYRyQOD_7SV-3eUgXy4YN2AE5s0HAouwiI4nS4hEW5vtIxlTLRbNqFKDZkTyzbyC1KAD1fkfPfy16XGHwW1jmyvoV-CbSrS9TLNbkxQj1b6wmIgjiJzm6BZsacCEBhCf0MFM0oC5z0w1yIE5eBbB3sby69I6KejlJniA6lWKcjmCSNmxcAIsajonhOKlswLGPmLHymTdTN8dGHXYTh6dtrAUZCog3KNjfkid0xy9QaKClOij2lHs8hvMyskMl59oJjR6I7bNhO9q2juUbBZQuV0Mo-uGOYeRnyu03-gsb3b558NOAGyL65HX1NfWaI1tEvv_aDY4bITZ83KTWfgj5EURBY7EQKVIWu3ln17WYW3hfWisjZGODvlTseWU-Hj3B7txfw9fSPNGLVIcSwOkt2kJwC4rDxPkCaQ_9giZCgW0AzY-N1ATF9xf8pLgTQGKtsRrhm1-sgou-izIfDGwmoMWSDry4E2uWxdy59UZS18RZnttbuHNmmCDnQTqDgu_Kr9sC6zTG_yWuIVAJafriBjo7BZ8W_7pjA3eQMd56nZ6EzXb4becGqhm1PgcOc7gRNb

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5111 39 KB
15 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 7DE6 9 KB
4 KB 51ms
50ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0e1a3dde3bfaf871c6481cc587c623d0ac24737cd6f16ee9fbd485cf458a2a4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gjdpfkd8nhgsgygpp1t0gsacyjt6hyafpmbrgngq1mdb191bnatg8bew0v5rdzpv3cpxpzww8kg6nh10zvh2t01w8vy7b2n65bnan4t9j292m4zq3qy1ytqyecm6sy5cx6cmzvedw4r3n7frbjwr0htw6pnew5cem2xefv9vxdknx1f1y4nyaxcxcrndmj3jrs9v98hwh8ys9qj43njasdq5ykd1vgmm147s3740akbm4pa08cmter508v8s733sw02ckmpazeykj66r7szae7nxdfjftsnd0d5b2wd4w58mpbczeyrb3dd07g7hy8x46xecw97v6x3ggdx1ep8nk11nqqytqfw04qgdmaw5xfxya9ft9x1gzamcybaww97eqrfyyenfhkxbv48s6dege7x8je2mgs9n62cqzeawje2abetyr3yhfepe7asd95zfg345hzp7g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%26client%3Dca-pub-4525684120003226%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b7791f6b4a1c9f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A37 39 KB
15 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 4A80 9 KB
4 KB 47ms
47ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d5d04665f45acfd3c1d740acd5a1b5ab4816fc4e60316dd35a2723c388ce526

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1khbc6085qxqbyvwghymzsnypth0t07c1n6qqtyvrdd632acmfej4dk060c6584bskfyzq59y7z7epetbne0rs27wke4q3cqnxqtyy63fk1jtbc27czntrnfrdfw5qp3ec1v2ta75q4n7k9xen6s9614qn97m1vj5xyky068v6e4w5jwv3p9aesbd6fwreav5kwb2k4tsta93zzg3n8br2j2kkd9jhnv3pwpp01zabheqemv5azq6t6p6rd1c049a02by572djekkjzc9x1apffh4ewzc107gdzwxch8gr7nef73qvvgs6mss3w8panwfgh84yv4zk5zd61w3f5gxemc0ax3vktanz6a2hky44w5aky0km9a37vt0gdw9531cpe4nka5ay6vh45tqp68ck5w4j3m8rzgrk4ndxj4fygssmg1snfk2hqk0bmtbaa41h8rt9eftr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%26client%3Dca-pub-4525684120003226%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b7791f7b541c9f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame D09D 9 KB
4 KB 45ms
45ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb86444b2ef82739ff7168ab1020954de17416e3374ef61f264bea16135918ab

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jc0ngz3as7czqwbh3vdamdaewqy7a0j18tn7yw44dpsrtr8b2zb1snye9h2582g3emgxx0das00spr7a0yekq010yzjxq1bbrjbfdyfyb1dmr17q2t7712j1rgambpnfxx37sarkx8x7z1zmfjrrrx988mbz6hq7fv8v5angzzch9k6wsmnv9vrmfb0gaay55e8txc2k7350pwje03m20jt4b81dzepa75fj1cfd8q6yrhzxvw6n6jtpsdwjsk5fy0k89622b80gf1t36cq2qdb8be76kee6m1d6qctyx3fbxmafsys3j3dvb2k6zhnref8awx0kr9pntej37pprk19nem1j08hjev5fh8a2hntdzeqgpkdctswpsfebt6am4j530g715r5607py271d4n5byx74ms5h25wz40y14mzedzmdxj69yme98r9w45n8tec68cfyg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%26client%3Dca-pub-4525684120003226%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b7791f7b5a1c9f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 26 Dec 2023 07:05:02 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame E1B9 9 KB
4 KB 45ms
45ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c638bdd4657d9d90beac8361a874c3b48c3f01516bce304cc2b0301c3294502

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1jfes3zj08e34e8seenyed041y90j7ds1kzcdsn320gabjjmerqq742ydtg7jvkwtehmd6q51pexd8cgp3dta1ax6c98k6ggvgmwnfznjecw281qgt9sktd4hqa808z4zm75pcvnk23ncrqwg689rzandn38agg7q1vdvnv6e1s788dty839we4bg4mcpbqwqhpgvnkvj4c1sgqd622182h55rcfvewhfpvdp5htt69j7w89yhsy2znyqec6z72kajvrftrb0nvj4hbzmjjhbh97k6n815c35w5r90n6p4qhmshcgz1n1t4mekp99k438k7n8yc692nd0wewerh5desfcmqff884tn72km27p9069qagd74kp4hx6bxk0bz62vms6rqzw0jtd5r30tp8ckqh4wq6v1888dhjcapms8v21ndqj568904b0hsq63m31d2crsc62g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%26client%3Dca-pub-4525684120003226%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 83b7791f9b6e1c9f-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 7DE6 115 KB
14 KB 31ms
31ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1140027
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOkFPSZNLVsIvJbG%2F5ShZXS7HQnZXwi22nRVlyd02YBxB8fMfqq5xXbwDXj5B6A6oiwnXYMy1GQ0tv96UYEfaC9a7V2d%2FDfsUrIhN5ETnrMpBv4NpFyNQcMUQleYHGky0ex%2Bi2njnDA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b7791fdba91c9f-FRA
expires: Wed, 27 Dec 2023 07:05:02 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 7DE6 9 KB
9 KB 54ms
44ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3983434
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6MUbcBqCx%2B4h2Z6xphjbXEFe9Dyamqn8rNxJ1SGitu7%2ByBdQk6DZTrd1UYzlWvqjOhSw7YtgUMd7kwCYtLoYnT%2BShxuVSU1mjf6IAM1%2FaxdxJuozR2VZFIWWXtLXD7BDFpSGHZqQUmPo53D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9f13614-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame 7DE6 32 KB
33 KB 48ms
39ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4057062
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0w5JfRC8yU9eMgBmJMEC6s2zcJ03kSejsPXbH9Azus7JxqyMzZw3G%2B2PbeXySd0oSHK8NpDhSbATOJGO8xWWZDT0VXSH0DzFyQAu1R334XZxXObAcpUTXWXeqzKisAyZ6W6CWgc7hTW4Uvdl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9ee3614-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame 7DE6 0
327 B 104ms
29ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidpb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRjoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
assets.ad4m.at/logo/ Frame 7DE6 3 KB
3 KB 55ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d464e345a3f736a86cb952ecb8d2e2a74e6991378bda2ebd7e5a98a86667a360

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 467738
cf-polished: origFmt=png, origSize=10674
alt-svc: h3=":443"; ma=86400
content-length: 2900
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:42:17 GMT
server: cloudflare
etag: "749e968ec8ea7c9ff764f0b5b5a295a0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Po1I6wkikBJbWdjV5qZj%2B%2FVFCUWeHAbh%2Bs7kK%2BHgyquCD6i%2FBcN2PPS6wYC9t22AaYl5YxAnwTVybuPIpFVzXdVNEvwgiF3cR89v4DdnP%2B8A7sPJ7kuKEdmAql3c%2FWfsbA46G5syZzzkSmx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9f33614-FRA

GET
H2 200 50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
assets.ad4m.at/ Frame 7DE6 24 KB
24 KB 44ms
43ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea84dbaeff7fc5384ed3601f039fd8941c523895588b3c22843ab50c3d1d0d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 460460
cf-polished: qual=85, origFmt=jpeg, origSize=25176
alt-svc: h3=":443"; ma=86400
content-length: 24106
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:46:26 GMT
server: cloudflare
etag: "e3d69db8e3a46b3d72f640f07639e36c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHAQM%2FEPY%2FTebEsHRIymijZTdK%2B8fB1ekhtYiRSOEfso5fbtzgZxEzC50GTAig45rjQqMrMwtgQMqtMd%2FwL47KZLT1OCqpjMYFUQeahaOE4D6N7zPxzZOAXx6PeIfR3uA7jiwaBJVgzMgFjq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9f43614-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 7DE6 43 B
704 B 125ms
61ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2463630&v=17927&q=371115&r=412871&pv=1&pref3=oneidbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqemoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 07:05:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 CEA01F26ECDA379B989AFCCDD90D855E85BC4EDC0167FDDF6D7518E94FACA1E86F5413262BA983FD7B3EB522C0EFBE68D862FAE17675C1759EF9CEF695FF252E
assets.ad4m.at/logo/ Frame 7DE6 4 KB
4 KB 55ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CEA01F26ECDA379B989AFCCDD90D855E85BC4EDC0167FDDF6D7518E94FACA1E86F5413262BA983FD7B3EB522C0EFBE68D862FAE17675C1759EF9CEF695FF252E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baea1b0179de2ed86f05d1c2cf49a0196f60d4d54caebc4fd4dcd3ec82ed892c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 465000
cf-polished: origFmt=png, origSize=14213
alt-svc: h3=":443"; ma=86400
content-length: 4130
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:35:59 GMT
server: cloudflare
etag: "b2cd853289d9bbd9287c939fa27fb2a1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4g7PCR%2Fy1VFxCH8Y4O27owGKVjc5dH4qOWUQ55Ekja5yBif9PGxHUicBwShUJQIr%2F7UIbxnme6pJfbh7QbIJGd6%2B%2FsSY4iOSUcPnFFEChydWGW6v7jILSBOLXI6wxXp4w22r4MFOjhZt8Kv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9f63614-FRA

GET
H2 200 B902938409DC456E78B06CA3D968089A3B24CF453EBED3D522151E05E0E5473662A8AB5E8006250E8B3642ABB87892B88B07789C96E65246389AFA58354A01D5
assets.ad4m.at/ Frame 7DE6 35 KB
35 KB 56ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B902938409DC456E78B06CA3D968089A3B24CF453EBED3D522151E05E0E5473662A8AB5E8006250E8B3642ABB87892B88B07789C96E65246389AFA58354A01D5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44373fdef02923f072a69e4e6b3c1f2f34ea6f740ccad132faa20ce99741b48e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468074
cf-polished: qual=85, origFmt=jpeg, origSize=110199
alt-svc: h3=":443"; ma=86400
content-length: 35928
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Nov 2023 17:14:53 GMT
server: cloudflare
etag: "1416cb261db9ada6c2fca174724f9ea8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=becn6vukwXwtGRx29AfDv%2FiNDASdkzydvcE3Jc6BGZpEHDP8JQ5TXDEK4A%2BIo0PDF2jHLXvAtNKHDHbnQzRIbsXizyWExEKh%2FOkjHDYkvxlNDeReqaBoMBcfO3rMUfUCevlcrJLzsHnP%2BdH7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9fc3614-FRA

GET
H2 200 963fb8e2eec080164ced0d8b1bcc4e5d Show response
trck.trendtours.de/trck/epv/ Frame 7DE6 640 B
952 B 209ms
111ms Script
application/javascript 51.83.212.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C19840%2C63352&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J&c=300&d=250&e=&g=eae246ed8b90a0f192700ffb52eabc67%2F13591470410687926641&i=26474%2C22610%2C28908&j=41%2C16%2C24&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302564&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k99zy3hdpzppcw0g6bsck32jn44h910x50hgsyehhbs4y4hzpw7r9xd6rqqdja81731yyk1xsxbca3sppxfgbsg5gw6x1j3j5pw7tgzmrkwyxegf2se3wwz85fk556fe9h9063pv08qmetsb8zeh6etpqvj7g6t4kk215daj8q6jv42vgpr0zvmdyc61dvxzsqh33xss4vx7xtg88npmqssqwkdag03aypnpk1783nggqqbggw9n9a3bhtz8p7aexn5zsg5ehqrcvvm366x2zgr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCp_SWHXuKZfiNKJeH7_UPmdaR-AGaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0EYx__-TvrNyvksytIfzTlrfrHx34n52Zx5ZDLKFidZ5_1Xe4n64L50M71qxQhHHKu_6CZmKpZFKXdqJfIaNBlnmVRvvPhHxdIflNp-NY8sP6ZA1UJzWqgnXtzXZ_bVYTD5E4Uz2-k5P2lE1UXBAUStIToyIjSY1qAnECCQeqPYCSNO37TiCm1dUKvjXBqTGkzUBVQbNF1YV_wRcYXPxIrAryYexZJGLacptY9-nGhKOSMjFJLALgbdZsWxkgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYoPXk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2GJZdlmtg88fvc9smKlXsYsHp8rQ%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.212.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ip112.ip-51-83-212.eu
Software: nginx /
Resource Hash: f28ae5e775e07431d40a15359bac762f640bbe7e2e56a1a904a7c057df10908c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
attribution-reporting-register-source: {"source_event_id":"16800505250109142","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-https-header: 1
content-length: 640

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 4A80 115 KB
14 KB 54ms
54ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1140027
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLvPpmiiaceeLJXDpuHsOiFLvsefPNyLbg3ZBXpBm77394TykORUiaJ03mC1zY2EvlGAqhFQphD7zmhPi%2FRIgc%2FY5BT7ygu2Swtdgvxw%2BFpGvFZ5P3rQNGCdi1EiwIImJcsEE7Uxu9g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b7791fdbaf1c9f-FRA
expires: Wed, 27 Dec 2023 07:05:02 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame 4A80 9 KB
9 KB 48ms
42ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3983434
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhosD9yQglbZvN8%2BkvwL6zwHPV9begG2UuzUGSMyMsTw7AHb8esgXlqZq2ym7m38J6KqHUcmk08wbZeJQkpjK5%2FrsXVwef7yeeMU4N3bbHfVbmqKUAQmFkJKV2CdBFhKTH6G%2FfBJhsfboQA2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9eb3614-FRA

GET
H2 200 60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
assets.ad4m.at/ Frame 4A80 28 KB
29 KB 53ms
47ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/60E988674A375A0D248F79BE73B17558F6DE13BA7BD626BA3ECE3CE45F1E8D4E2A797E05335FDF754A97E81953DCE8924DA57CE77B35FA4F8DC239219DA96769
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3989955
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28958
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:06:38 GMT
server: cloudflare
etag: "346e75cff96234b45fe664b527c7c88d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9U3zPiFnI7zwWN19xMKeweh4k94GuYSycp%2BMF%2BP2445mbQgax3hD32ToElJWRwyI197U1X8LjUdGq0HNXUCoR%2B2AwfMMu1nbhVhD7awyhRnpG9gMsJAPwDRZxwUX6gJmuzr8rhvM0uWcBxv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9f03614-FRA

GET
H2 200 2aed39855b5f46b7d90f959867be60f8
pv.medialead.de/trck/epv/ Frame 4A80 0
326 B 99ms
29ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneid1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73Joneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720104426","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 FD5F24A2D31F8DF379AC66382D10C95BCB2B6DBDAB1DA6A8C928B4E2932EB8E5F816C97A7A7B662747A82FA3B32C5D2169F78EB90A71DB8E4B05718BDD554064
assets.ad4m.at/logo/ Frame 4A80 4 KB
4 KB 52ms
51ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FD5F24A2D31F8DF379AC66382D10C95BCB2B6DBDAB1DA6A8C928B4E2932EB8E5F816C97A7A7B662747A82FA3B32C5D2169F78EB90A71DB8E4B05718BDD554064
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f49cc673474a4be69bf9a456a0ed0b9affb62e6f6b7cf074c5037520f065c1d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 459409
cf-polished: origFmt=png, origSize=4700
alt-svc: h3=":443"; ma=86400
content-length: 4212
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 21:11:43 GMT
server: cloudflare
etag: "62efef40f1e85e16d21df2011c1e9e73"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGsS69TBFqqcAY9FlTjpwNxVtHZ6exlW%2BKuIgYs6Snjlf1CRcVq8gg1VVr2zATcGFUN%2BdYMkQ4jWsXqBujEGklzFwu%2FD0z6Knw1CtSu3QMGYa7m6NlZHtjBu3eze33Gr4h9T8ASgY5rWQLy5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a103614-FRA

GET
H2 200 7FE0F60184B8707CB4E52907E84ABF5F2942E25C75CD0D84CBAB8E652522C20786FE0CAB8FD6F7E8494D211127C98389FCFC432B4C8D17D1B74406E1DA298B4F
assets.ad4m.at/product_image/ Frame 4A80 57 KB
58 KB 61ms
60ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7FE0F60184B8707CB4E52907E84ABF5F2942E25C75CD0D84CBAB8E652522C20786FE0CAB8FD6F7E8494D211127C98389FCFC432B4C8D17D1B74406E1DA298B4F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3962eb8341093bf31b12bd98a5fbe2658845248d049cab68d3718634c8523dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2422599
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 58498
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 10:00:47 GMT
server: cloudflare
etag: "5cfaf431e5e72f935e193ef28529a54f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8junz6xXcjOrZOFWpEBdP1ZurBD1YkvffQHR%2BNO1KODAu6hTKxb%2FSCUNsgnTU2Z5L%2FtlxnNaHzFdLMpjAkflXttEMQgD7yg44l08es35RKfJN0278NMWsdP7qcW%2F88j%2FNOXxCL7kvY%2BQ2XX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a123614-FRA

GET
H3

200

B22944204.250994090;dc_pre=CL7XrenErIMDFXQKVQgdKNAJGg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/ Frame 4A80
Redirect Chain

https://www.awin1.com/cshow.php?s=2389702&v=11953&q=363641&r=412871&pv=1&pref3=oneidEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbkoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CL7XrenErIMDFXQKVQgdKNAJGg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_...

42 B
63 B

42ms
42ms

Image
image/gif

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CL7XrenErIMDFXQKVQgdKNAJGg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CL7XrenErIMDFXQKVQgdKNAJGg;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
assets.ad4m.at/logo/ Frame 4A80 3 KB
3 KB 59ms
58ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d464e345a3f736a86cb952ecb8d2e2a74e6991378bda2ebd7e5a98a86667a360

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 467738
cf-polished: origFmt=png, origSize=10674
alt-svc: h3=":443"; ma=86400
content-length: 2900
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:42:17 GMT
server: cloudflare
etag: "749e968ec8ea7c9ff764f0b5b5a295a0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03V1qjLxNcb75FLjKLAI4WfT7NtENX%2FcNQuGFhDascgE%2FwX8HtweLJY5iNZCdH9HPCbQ5YPuVnHok1iL9xBnMElRwoe9iHNm0v%2Bdqlk%2B%2BB%2BMMTv66ue4AVW870MeXVhX046sV8uQE%2B%2BNxfo7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a133614-FRA

GET
H2 200 50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
assets.ad4m.at/ Frame 4A80 24 KB
24 KB 60ms
60ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C11184%2C19840&b=1xVfbfKfZd1c9HdH9tAtb9rC2SKTGGmUx73J%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem&f=wqZHdfjf1j4SEHRH2tEC867tzSATmmJCKJpP%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ&c=300&d=250&e=&g=edfeb25695cd45b09b5a4a3c6f8e7bad%2F3477082243280992167&i=26474%2C20374%2C22610&j=41%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302568&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1j5fkafk4am2m85xbqxxx8sf7yjwwecv88bb8v73bkzemewk9716bfpy938ka9y4h6jbn541hywxraz83a614akyvwnxm0q914r23zp3jdggkj92mhfxw266y4gdvmnz20ck37jyzew2v6trfk9rhja1rdr3yjgxqap1qkdkqh37cnyqgamgf78gn6vhhg318zxndrjes56s3axgrr5xd6ka62yxzt9rhgnprgqm8223eav94w3f8qp39hxa7b7j5gnpqnrw8t4zyfj6ek2bp5vr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC5HP1HXuKZeiUJ8eM7_UPzrqpkA-aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0DAWFm6qoCQFcTtG35AeBjTyOUQkZmTHwe_NfSqSG4-AwGVNLXiF9LTZwPzg0RkbDkZg1Wd3IjnBUPk9irmxwU7j1zx_o9VZZOYpUwRjsc_tK8W_MPrwEqSCx9Bz5pMsTAJdvjyiykvrUZrAy_1vFRCjOHmbARjrhiA4C24nXK87MbkE7l8HI42e98WFPWslzKsVdJHRs3JNDERK-TYkjdRy33vMFVio1AQE_p6wmvr_fbX9ZTHUn-z8yCl9gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYx_vj6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3zZurvkJBg-QZv81Hpy8OuTpe5Lw%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea84dbaeff7fc5384ed3601f039fd8941c523895588b3c22843ab50c3d1d0d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 460460
cf-polished: qual=85, origFmt=jpeg, origSize=25176
alt-svc: h3=":443"; ma=86400
content-length: 24106
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:46:26 GMT
server: cloudflare
etag: "e3d69db8e3a46b3d72f640f07639e36c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkP203dwTuayPMbiwG%2F0uO%2BNNJCeQoqxbU4QsPa0Yg9pjSZ3nI0%2FWBoPB9Hadtrl0pKuVBl0KvzZKT6hsT5PRGeY%2F5HVLJ1iDWoTMnEYBfpxzeZDHkGJ51g96o%2BqzfV7kmo0L%2B64lH6keBA0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a153614-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 4A80 43 B
704 B 121ms
64ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2463630&v=17927&q=371115&r=412871&pv=1&pref3=oneidbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqemoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 07:05:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame D09D 115 KB
14 KB 54ms
54ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1140027
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY7XTryfku4nJwNk8jjcfJ3B7lD6a7wGBydRuzVbZTGfEnBvkq4xlN0s8FYn8vat9yy6EaqEQqRG2I7er9rjy%2B6Alv1Kk%2Bi5U6xjD5BwHmStZ1Defsz6qCx2pRxTmjnkxTdHpUFbTdU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b7791fdbb21c9f-FRA
expires: Wed, 27 Dec 2023 07:05:02 GMT

GET
H2 200 E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
assets.ad4m.at/logo/ Frame D09D 9 KB
9 KB 48ms
43ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E622BC9BD82AE6F51E341CE5BBC00C7BCEF1113266FC86A7954D357A123D68059FD32592A221C64F87EEABAF18D4698D5388E6B9CA984D807BB6BB7E4D07744E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3983434
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 8772
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:13:38 GMT
server: cloudflare
etag: "15b1f39d668aa86c2ba2ba17d94cc733"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb%2F6v19%2BDzq8go6pRfRW2S7mSCNTFCU4O7R0hy%2FKqnxSzvWNEmcbw2nqoA%2FnUCDC%2FWX0Va1GmZ1OCoOuAxD4BYNLQv%2FykDUTmTophKHqeDsaMpHBJ%2FOtniJAuLefLPD6%2FWureCqkpPbnthU4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9ea3614-FRA

GET
H2 200 2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
assets.ad4m.at/ Frame D09D 32 KB
33 KB 42ms
37ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/2A409C956034279942BB00C734EEBA96A30BFA66974E50A0A1FCCC37F0E29F63CDE4339A721079F3863F9D3A2D1FC91B69CE99DD1EDFB0C05A709324F55DF63A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4057062
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 33043
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 08:07:19 GMT
server: cloudflare
etag: "4248eb804269666620fb86952a326d7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPdHKGwNBF2hyYjWvVP1TqCxnuwB%2Brj9SafVRpkWOnU%2FWDchd8a%2FwHxas1V%2F1vPVLvUZPdIdFWgAZecWIABLWXOraF8VfHG2p653saW6WIHLdnQXzed1cmHiH5whzlu6CcoyrHgSbL7zKlU0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b7791ff9e93614-FRA

GET
H2 200 2aed39855b5f46b7651ba591340f258c
pv.medialead.de/trck/epv/ Frame D09D 0
326 B 95ms
29ms Image
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/epv/2aed39855b5f46b7651ba591340f258c?t=htlp&subid=wkzMotivBoneidpb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRjoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
attribution-reporting-register-source: {"source_event_id":"17200573720103333","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 CEA01F26ECDA379B989AFCCDD90D855E85BC4EDC0167FDDF6D7518E94FACA1E86F5413262BA983FD7B3EB522C0EFBE68D862FAE17675C1759EF9CEF695FF252E
assets.ad4m.at/logo/ Frame D09D 4 KB
4 KB 54ms
53ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CEA01F26ECDA379B989AFCCDD90D855E85BC4EDC0167FDDF6D7518E94FACA1E86F5413262BA983FD7B3EB522C0EFBE68D862FAE17675C1759EF9CEF695FF252E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baea1b0179de2ed86f05d1c2cf49a0196f60d4d54caebc4fd4dcd3ec82ed892c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 465000
cf-polished: origFmt=png, origSize=14213
alt-svc: h3=":443"; ma=86400
content-length: 4130
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:35:59 GMT
server: cloudflare
etag: "b2cd853289d9bbd9287c939fa27fb2a1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BY7JLyF5dV6xJS5xfZ7Oj6sSXNpO2Jk8cyK%2FJXFxdlHLFdk%2F0CClTFkVAbtzMEKQnInds5Kr9aHNyYDeT9PEL8JsnIjsRVDrI8fZGRo8RzqsqHWcfg2%2BPnMX3ul7qjLLZ%2FMF44j9wvtoQTmf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a173614-FRA

GET
H2 200 B902938409DC456E78B06CA3D968089A3B24CF453EBED3D522151E05E0E5473662A8AB5E8006250E8B3642ABB87892B88B07789C96E65246389AFA58354A01D5
assets.ad4m.at/ Frame D09D 35 KB
35 KB 52ms
51ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B902938409DC456E78B06CA3D968089A3B24CF453EBED3D522151E05E0E5473662A8AB5E8006250E8B3642ABB87892B88B07789C96E65246389AFA58354A01D5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44373fdef02923f072a69e4e6b3c1f2f34ea6f740ccad132faa20ce99741b48e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468074
cf-polished: qual=85, origFmt=jpeg, origSize=110199
alt-svc: h3=":443"; ma=86400
content-length: 35928
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Nov 2023 17:14:53 GMT
server: cloudflare
etag: "1416cb261db9ada6c2fca174724f9ea8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNqWxjpClkbMd7OwBwel%2FQi0Ra0UPSozq%2FmFfXZNDkTUNXH0OB5WQLz12J04%2Bydlemr6XoDX3Eo1xECxkTI%2BWfN2tHMOweDFyJ2ygyCDSFYaKT6vxUdGRoMocCWK4JnBzY4WbH6BMETMlT8U"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a183614-FRA

GET
H2 200 963fb8e2eec080164ced0d8b1bcc4e5d Show response
trck.trendtours.de/trck/epv/ Frame D09D 640 B
952 B 200ms
112ms Script
application/javascript 51.83.212.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.212.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ip112.ip-51-83-212.eu
Software: nginx /
Resource Hash: c19e4e4ff6bf0c1c08602a49ad2799d460eaf95f31dd3a86beb3cfffb8382eb3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
attribution-reporting-register-source: {"source_event_id":"16800505250109142","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-https-header: 1
content-length: 640

GET
H2 200 FD5F24A2D31F8DF379AC66382D10C95BCB2B6DBDAB1DA6A8C928B4E2932EB8E5F816C97A7A7B662747A82FA3B32C5D2169F78EB90A71DB8E4B05718BDD554064
assets.ad4m.at/logo/ Frame D09D 4 KB
4 KB 56ms
55ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FD5F24A2D31F8DF379AC66382D10C95BCB2B6DBDAB1DA6A8C928B4E2932EB8E5F816C97A7A7B662747A82FA3B32C5D2169F78EB90A71DB8E4B05718BDD554064
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f49cc673474a4be69bf9a456a0ed0b9affb62e6f6b7cf074c5037520f065c1d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 459409
cf-polished: origFmt=png, origSize=4700
alt-svc: h3=":443"; ma=86400
content-length: 4212
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Nov 2023 21:11:43 GMT
server: cloudflare
etag: "62efef40f1e85e16d21df2011c1e9e73"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry6Nfp7AwPx0xfMjcybk77T5b6RmjTeYA7h3DdgTrmu%2BrtRkgvybJfanhV8Nx4ak2dAC4P7kNqN%2BPhln%2BUr4xJHgZpsuw1XdgBfCXq9t8araeErztiHJnDD%2B7c9gXe6jNHc9VEfODBEhsZq7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a1b3614-FRA

GET
H2 200 7FE0F60184B8707CB4E52907E84ABF5F2942E25C75CD0D84CBAB8E652522C20786FE0CAB8FD6F7E8494D211127C98389FCFC432B4C8D17D1B74406E1DA298B4F
assets.ad4m.at/product_image/ Frame D09D 57 KB
57 KB 65ms
64ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/7FE0F60184B8707CB4E52907E84ABF5F2942E25C75CD0D84CBAB8E652522C20786FE0CAB8FD6F7E8494D211127C98389FCFC432B4C8D17D1B74406E1DA298B4F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3962eb8341093bf31b12bd98a5fbe2658845248d049cab68d3718634c8523dc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2422599
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 58498
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Nov 2023 10:00:47 GMT
server: cloudflare
etag: "5cfaf431e5e72f935e193ef28529a54f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCPnjFd4bDKbK9pIb9vdPGNsS1KNcTUVlMvuKTnMK%2FVJNmASQMUjP%2BdRI5wpQvHcAHQ2wAt01D0DEOWnLoHtp%2FMqz6G42SRYGLXT6fJm%2FBpjzVNKcOU7ynnUqYU4mCmIG%2FelGQAOq6Lz5In3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a1c3614-FRA

GET
H3

200

B22944204.250994090;dc_pre=CM2IrunErIMDFUmZ_QcdqZ0B_g;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/ Frame D09D
Redirect Chain

https://www.awin1.com/cshow.php?s=2389702&v=11953&q=363641&r=412871&pv=1&pref3=oneidEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbkoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CM2IrunErIMDFUmZ_QcdqZ0B_g;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_...

42 B
63 B

44ms
44ms

Image
image/gif

172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CM2IrunErIMDFUmZ_QcdqZ0B_g;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=34719%2C63352%2C11184&b=pb3h1fgfrVGckH4HmtztrMBf9SRT88MawqRj%2C9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2CEQkHDfEfxqbhzHAHjt4t4d6UKSVTYY4UBgbk&f=JjDSzf5fgrwSBH6H7tqCQBGCxSgT448aP34B%2C1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2CAPkaYfqfGgAhAHRH4tMCMbYsRS4TRR8h3JX7&c=300&d=250&e=&g=a642404264b2020e9af9ab715732166f%2F2487855907477922609&i=26474%2C28908%2C20374&j=41%2C24%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302586&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jjk57gj86c9vj4vn5sam325csxhgsm60sbjfejxg0ftkt86mpaqkzntqf634k2wkptxxsjwe5dc1wrnhs38e5e56tfy1fhw0vmvkn3b26qw31gzwvzcd7swpxpk2zz8tcy3h8w0pzr6zj4gees6p01dtm4ny0rk9av47ccss2dpsnwg31d4dh3kkmd67c93v7jwphsc5gsxqx6rqcb6jcv0f9gdgh6c0vmcs2ndv4m8xb2e2bskb3vm04246t202ek5n6k30qq2r5n9mbb6r21y%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCcL0bHXuKZfriJ6_G9u8P4_eI0AqaoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0Iq5pLuYET92sekvcPaEBM17g3ab72Rim91Tldzywjx7DWQqzDPg6LRiepEWxxhsmo51bL5tyr_jqccanVCY7UicPYk0p2g5zU2d8wBiMlCRxOipynTMGj2Ul7ALPoOHjDnm5_EAyh6yQZAJ72LDYY_3hHMAVMOsBsQf2KSaac2bVjQuAF_HB1RT54tn4JJmjRv4sUzvwn5YyyGUTTP3Fg3X-B-YZQq4p2OdDik21tn17RmLXmz7VJf2M1oPgAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYqcjk6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1etiV-TIcN2-VdetLIoNgXn0hfzg%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0

Protocol

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N1033083.286154AWIN/B22944204.250994090;dc_pre=CM2IrunErIMDFUmZ_QcdqZ0B_g;dc_trk_aid=447374061;dc_trk_cid=118838849;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame E1B9 115 KB
14 KB 65ms
65ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1140027
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP%2BHOT8OgI4P%2BGSyc5ahSf1ZPVFXql8%2BYPkqOId69sPuKc0gVsAjuCEFFnLjGM5UgR8u3kXufJVYTc9t0HhmMO36j38Ob4JMpyEGQ5jviu3ASEybKpLMxk0oUljinPPfCAGeKLDevFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 83b7791ffbc71c9f-FRA
expires: Wed, 27 Dec 2023 07:05:02 GMT

GET
H2 200 CEA01F26ECDA379B989AFCCDD90D855E85BC4EDC0167FDDF6D7518E94FACA1E86F5413262BA983FD7B3EB522C0EFBE68D862FAE17675C1759EF9CEF695FF252E
assets.ad4m.at/logo/ Frame E1B9 4 KB
4 KB 53ms
53ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CEA01F26ECDA379B989AFCCDD90D855E85BC4EDC0167FDDF6D7518E94FACA1E86F5413262BA983FD7B3EB522C0EFBE68D862FAE17675C1759EF9CEF695FF252E
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baea1b0179de2ed86f05d1c2cf49a0196f60d4d54caebc4fd4dcd3ec82ed892c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 465000
cf-polished: origFmt=png, origSize=14213
alt-svc: h3=":443"; ma=86400
content-length: 4130
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:35:59 GMT
server: cloudflare
etag: "b2cd853289d9bbd9287c939fa27fb2a1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqo%2B12mmdoYhgDgSchzsFdO9CIinrL2zwZScAErFzl7cy%2Bkfkei9kij2NThRfBSHJL3e8wxG9FwrNA6wc3Q4q5Ktg%2BTxMZs6UsjaFNPUfNaWwFMi0GeIcnCfwrLeKK25NlX3Ydel4zUTCcjM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a0d3614-FRA

GET
H2 200 B902938409DC456E78B06CA3D968089A3B24CF453EBED3D522151E05E0E5473662A8AB5E8006250E8B3642ABB87892B88B07789C96E65246389AFA58354A01D5
assets.ad4m.at/ Frame E1B9 35 KB
35 KB 57ms
57ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B902938409DC456E78B06CA3D968089A3B24CF453EBED3D522151E05E0E5473662A8AB5E8006250E8B3642ABB87892B88B07789C96E65246389AFA58354A01D5
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44373fdef02923f072a69e4e6b3c1f2f34ea6f740ccad132faa20ce99741b48e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468074
cf-polished: qual=85, origFmt=jpeg, origSize=110199
alt-svc: h3=":443"; ma=86400
content-length: 35928
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Nov 2023 17:14:53 GMT
server: cloudflare
etag: "1416cb261db9ada6c2fca174724f9ea8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yuOWFnqQZgd%2BSBNODWHERU98EQVtOJaj21QqStXypGq46dvdtQGzXaRXf7LNJU%2FCSmeW5PYvdLLskWirsgLFjg947%2BPlY5wk28QbVjotktD5j1OM4TkBqlFlv5Ij%2BsqoLrMH%2BTvj4UMsv2v"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a0f3614-FRA

GET
H2 200 963fb8e2eec080164ced0d8b1bcc4e5d Show response
trck.trendtours.de/trck/epv/ Frame E1B9 640 B
953 B 186ms
110ms Script
application/javascript 51.83.212.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.212.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ip112.ip-51-83-212.eu
Software: nginx /
Resource Hash: 4ab069da8ee4d39a37a16d06140d4cd280dd249ad7debd58045e2422b34c695c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
attribution-reporting-register-source: {"source_event_id":"16800505250109142","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
x-https-header: 1
content-length: 640

GET
H2 200 0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
assets.ad4m.at/logo/ Frame E1B9 3 KB
3 KB 46ms
45ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/0FFB463DB03CB009793080C1B53C23C9FD5377E1899EF35E72791D21CA62D52A222D662E2077C819E6DE8402D02F3C83CF5355E92DFA2B41CAD20448D14D8FA3
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d464e345a3f736a86cb952ecb8d2e2a74e6991378bda2ebd7e5a98a86667a360

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 467738
cf-polished: origFmt=png, origSize=10674
alt-svc: h3=":443"; ma=86400
content-length: 2900
cf-bgj: imgq:85,h2pri
last-modified: Thu, 12 Oct 2023 15:42:17 GMT
server: cloudflare
etag: "749e968ec8ea7c9ff764f0b5b5a295a0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6BUvZ3F6UoGtaD4i1TfbSAHaM0fDdN%2BOUKQ42oFc%2Bq4RwtPYgRNz4IJsrkM617HF6rbj1S3u0COPj5q4uxFD264FRGNCu6n3htb739sNkCtulPxe6RXDUxNTrxmCKyPVxc89s5eJCdav3EP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a1e3614-FRA

GET
H2 200 50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
assets.ad4m.at/ Frame E1B9 24 KB
24 KB 51ms
50ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/50A0391ED1E82638BD388F91DB7A2617B584090578A365720D8AF5FD1BDF22035CB111A0506980F2E608C60A08D698A0A8D1AC530659B7A2489C546E1B8D6D1B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea84dbaeff7fc5384ed3601f039fd8941c523895588b3c22843ab50c3d1d0d7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 460460
cf-polished: qual=85, origFmt=jpeg, origSize=25176
alt-svc: h3=":443"; ma=86400
content-length: 24106
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2023 16:46:26 GMT
server: cloudflare
etag: "e3d69db8e3a46b3d72f640f07639e36c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCMn2PhYQNinrhgnXgXNmvHqIghDTlXRiP6Ja6O3OjSM00IZdr1SHmUXpBKQd86lqKflC9oT3fD500%2B7Jlbh8BpQ%2Fuga18SyvVTHWnxlg9RMetG428luYDHF9WWxSnVt%2Fj4IrFaoaanTEA%2Br"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a203614-FRA

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame E1B9 43 B
704 B 112ms
61ms Image
image/gif 23.192.250.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2463630&v=17927&q=371115&r=412871&pv=1&pref3=oneidbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqemoneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.250.178 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-250-178.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 07:05:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
assets.ad4m.at/logo/ Frame E1B9 9 KB
10 KB 50ms
49ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/F1668CEEF41AAD8A0C029F9D23FE46EC6F8068CDC15DA60F85AFC1E3BD14A8C560B4DF91D88D53A78DBCC7160246BC21A8B17CCED604428331EE91402A545B83
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 468647
cf-polished: qual=85, origFmt=jpeg, origSize=13332
alt-svc: h3=":443"; ma=86400
content-length: 9604
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 17:02:02 GMT
server: cloudflare
etag: "23e86ef8ba51d351917574e3e8d33ca5"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQfhVhdf3BrfxFzhZSRjeFW6fQwjHXxFoBId3FRPJ8Htf86otnPEjG5E4jitBvg3oznktUF8l2UmfRol9wMwJiToF0p66wAJW1%2BJaZK8lBGFXTCE0VdOP1nlLTjJIX37ZCFqEtKaSHxlQeO2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a213614-FRA

GET
H2 200 BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
assets.ad4m.at/ Frame E1B9 28 KB
29 KB 51ms
51ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BE6DC3223230068E9577E01057A3B7B2EF16298C4CB50492A156BC698A0B935475C050BE8658A2EEFAFF80ECE4CCAAFC1E82AC22B24DC4054F36591D448FD712
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2847991
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 28954
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2023 07:58:31 GMT
server: cloudflare
etag: "85b2952dc2f72512aefd9f8454909e82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MeVXuD2kfMIyFECREBnEYUwgTL60nMV9F1Hg9cQBACwme0J%2BVM777wG0qzJCz2zjtcNYOB9LRmEBWCSnQjb1y9kYGpKzzsAKlkcPGi79LXUGJvNezHsuuhh1TnZ%2B2SDP4NzBHfo9lyUdLWg2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 83b779200a233614-FRA

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame E1B9
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CL33punErIMDFV6DgwcdxqcIHg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703574302_17354ea1-a3bd-11ee-9488-2234841a3abe

0
549 B

110ms
28ms

Image
text/plain

87.118.116.9
KEYWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703574302_17354ea1-a3bd-11ee-9488-2234841a3abe
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS: km36617.keymachine.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 07:05:02 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Tue, 26 Dec 2023 07:05:02 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1703574302_17354ea1-a3bd-11ee-9488-2234841a3abe
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 04AB 13 KB
5 KB 32ms
31ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
age: 26272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 23:47:10 GMT
expires: Tue, 24 Dec 2024 23:47:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 728B 829 B
1 KB 37ms
35ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7fd7689773df8e38eea1bcf475cdb59d2c897b9206781f3d7883037334f5e2d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mDMFapDLbd2ey9Oj0nDlaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://held24.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-mDMFapDLbd2ey9Oj0nDlaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 07:05:02 GMT
expires: Tue, 26 Dec 2023 07:05:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 04AB 39 KB
15 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 728B 0
0 58ms
58ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2048463497000382&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 dc_oe=ChMI2v706MSsgwMVhtsRCB1ixAcnEAAYACCc7ONgQhMI7_LD6MSsgwMVppD9Bx3RzA7x;dc_eps=AHas8cDxDSyW39o44JLaLcbxo5neGoqBfpHRQgKhn1XyzBxePRvBnCcXd57Hgc4G7haXQuKtjzPVR-zQ_A;met=1;&timestamp=1703574302782;e...
ade.googlesyndication.com/ddm/activity/ Frame 83E6 42 B
401 B 130ms
60ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2v706MSsgwMVhtsRCB1ixAcnEAAYACCc7ONgQhMI7_LD6MSsgwMVppD9Bx3RzA7x;dc_eps=AHas8cDxDSyW39o44JLaLcbxo5neGoqBfpHRQgKhn1XyzBxePRvBnCcXd57Hgc4G7haXQuKtjzPVR-zQ_A;met=1;&timestamp=1703574302782;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIs7D06MSsgwMV0XDgCh2fTgbfEAAYACCc7ONgQhMI7vLD6MSsgwMVppD9Bx3RzA7x;dc_eps=AHas8cAB5sXzyL32E57Q4P8sUuKpXv5fRGumcgrwq44ZnJN_MQht9WOpM3nDvcoubmaQAQbqUyATAurwVQ;met=1;&timestamp=1703574302784;e...
ade.googlesyndication.com/ddm/activity/ Frame 9982 42 B
107 B 130ms
61ms Image
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIs7D06MSsgwMV0XDgCh2fTgbfEAAYACCc7ONgQhMI7vLD6MSsgwMVppD9Bx3RzA7x;dc_eps=AHas8cAB5sXzyL32E57Q4P8sUuKpXv5fRGumcgrwq44ZnJN_MQht9WOpM3nDvcoubmaQAQbqUyATAurwVQ;met=1;&timestamp=1703574302784;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 04AB 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c_vpxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 htlp.html Show response
trck.trendtours.de/trck/htlp/ Frame 1DE4 0
301 B 109ms
109ms Document
application/javascript 51.83.212.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trck.trendtours.de/trck/htlp/htlp.html?utm_medium=affiliate&campaign_id=165&pvid=658a7b1eb3766501af9f451f&gdpr=0&gdpr_consent=&gdpr_pd=0
Requested by: Host: trck.trendtours.de
URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.212.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ip112.ip-51-83-212.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"16556147020109025","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 26 Dec 2023 07:05:03 GMT
server: nginx
vary: Origin
x-https-header: 1

GET
H2 200 tt_trendtours%20allgemein_uppr_Native-Ads_V2_627x627.jpg
ht.uppr.de/campaign_168_Trendtours/20210212_nativeAds/ Frame E1B9 206 KB
206 KB 77ms
21ms Image
image/jpeg 54.37.204.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht.uppr.de/campaign_168_Trendtours/20210212_nativeAds/tt_trendtours%20allgemein_uppr_Native-Ads_V2_627x627.jpg
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=63352%2C19840%2C196438&b=9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2%2Cbj2SQfZfx7BFYHbHztKtQmGTbSJTMMqTKqem%2CPmksBfbfbBKXt9HjHbtMtR5KaJS9TDDKF6RE8&f=1xVfbfKfD3Ges9HdH9tpCMg1U2SKTGGmUx73J%2C36Jfpf4fBAKF7HrHAtXCB4AHPSWTKKrhg2WZ%2Cbj2SQfZf59KdsYHbHzt8Cpb1tbSJTMMqTKqem&c=300&d=250&e=&g=b1b2ee0a0dabf9512b8c7b0f7b504fe4%2F10345385199233203248&i=28908%2C22610%2C25174&j=24%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach126_CH_ADXONLY&r=1703574302596&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hds7z1q4kkk2sg32b3k3e0x29wg416qd2nava6kfktc3fae852fw6cehp7k9qrt9v04ahr5j0mk9dtg9d48q9gcafm27gj80m12cgm2a6qdfm66tx75v103xz38tja915jm63eazbt1re0dryabkz2wtt4xbkh2a134k54cxcb34tczst104ajdyw01jhrbcx4cjpqzhdtmj4dy2q5ge69zrm668xa20m1ryetbghjw4mrym5ng6wgkthr4tp0bypew3b6rfntghqw7bc9d8mxy%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCYY8iHXuKZaLTJc7X9u8Pwo2qiA2aoOiiXcP8zfuLCcCNtwEQASAAYPWVzoHgBIIBF2NhLXB1Yi00NTI1Njg0MTIwMDAzMjI2yAEJqQJtPB3sDH6yPqgDAcgDAqoEvgFP0CnLMmeK9epXeNaibunTFhfoA1Ec37Yz2yZYJ_ymFmZHHcbLrGkDSncwJKS750Tb4V9k7rNxYcwyJAm_ztnSVQrQb18a9jIVKATpWlCDyyQFEm1orWwlo2IWN2p3HaHAy0NNGKvS3Vo77uN4UX8KmZdH0MIzN-C-_y9S2MnKDeD_USPphasbQdEJlizX3SvtKQFOxZAWQ9IxN06ZzrZwPR-l1J-GVW0ageXJG2JyDUWwMQg7l-X2vNhLh6S8gAbt4JjDqr6-7wmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYubri6MSsgwP6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0m-YQuKJjMnWn834YtJ7ftLMyh3w%2526client%253Dca-pub-4525684120003226%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.37.204.178 , France, ASN16276 (OVH, FR),
Reverse DNS: 178.ip-54-37-204.eu
Software: nginx/1.24.0 /
Resource Hash: 870f41518e409f62cb8fb5b51f8daf678dea6b3da96c4e9952327ee5ed2cdeab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
last-modified: Fri, 12 Feb 2021 14:26:14 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "60269006-33610"
content-length: 210448
content-type: image/jpeg

GET
H2 200 tt_trendtours%20allgemein_uppr_Native-Ads_V2_627x627.jpg
ht.uppr.de/campaign_168_Trendtours/20210212_nativeAds/ Frame 7DE6 206 KB
206 KB 118ms
62ms Image
image/jpeg 54.37.204.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht.uppr.de/campaign_168_Trendtours/20210212_nativeAds/tt_trendtours%20allgemein_uppr_Native-Ads_V2_627x627.jpg
Requested by: Host: trck.trendtours.de
URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.37.204.178 , France, ASN16276 (OVH, FR),
Reverse DNS: 178.ip-54-37-204.eu
Software: nginx/1.24.0 /
Resource Hash: 870f41518e409f62cb8fb5b51f8daf678dea6b3da96c4e9952327ee5ed2cdeab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
last-modified: Fri, 12 Feb 2021 14:26:14 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "60269006-33610"
content-length: 210448
content-type: image/jpeg

GET
H2 200 htlp.html Show response
trck.trendtours.de/trck/htlp/ Frame 3776 0
301 B 115ms
115ms Document
application/javascript 51.83.212.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trck.trendtours.de/trck/htlp/htlp.html?utm_medium=affiliate&campaign_id=165&pvid=658a7b1eb3766501af9f451d&gdpr=0&gdpr_consent=&gdpr_pd=0
Requested by: Host: trck.trendtours.de
URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.212.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ip112.ip-51-83-212.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"16556147020109025","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 26 Dec 2023 07:05:03 GMT
server: nginx
vary: Origin
x-https-header: 1

GET
H2 200 tt_trendtours%20allgemein_uppr_Native-Ads_V2_627x627.jpg
ht.uppr.de/campaign_168_Trendtours/20210212_nativeAds/ Frame D09D 206 KB
206 KB 117ms
62ms Image
image/jpeg 54.37.204.178
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ht.uppr.de/campaign_168_Trendtours/20210212_nativeAds/tt_trendtours%20allgemein_uppr_Native-Ads_V2_627x627.jpg
Requested by: Host: trck.trendtours.de
URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.37.204.178 , France, ASN16276 (OVH, FR),
Reverse DNS: 178.ip-54-37-204.eu
Software: nginx/1.24.0 /
Resource Hash: 870f41518e409f62cb8fb5b51f8daf678dea6b3da96c4e9952327ee5ed2cdeab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 07:05:02 GMT
last-modified: Fri, 12 Feb 2021 14:26:14 GMT
server: nginx/1.24.0
accept-ranges: bytes
etag: "60269006-33610"
content-length: 210448
content-type: image/jpeg

GET
H2 200 htlp.html Show response
trck.trendtours.de/trck/htlp/ Frame BE18 0
301 B 117ms
116ms Document
application/javascript 51.83.212.112
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://trck.trendtours.de/trck/htlp/htlp.html?utm_medium=affiliate&campaign_id=165&pvid=658a7b1eb3766501af9f451b&gdpr=0&gdpr_consent=&gdpr_pd=0
Requested by: Host: trck.trendtours.de
URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.212.112 , France, ASN16276 (OVH, FR),
Reverse DNS: ip112.ip-51-83-212.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"16556147020109025","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 26 Dec 2023 07:05:03 GMT
server: nginx
vary: Origin
x-https-header: 1

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B50E 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugljbjs58Sh05ckMUcka_N3CylVSZAe_w8qXPPFHmRy9IxW42aTYmc4hsOmVRIU051URcV94TN5Q0d_OpHTFLPGtGTPMA3Uiamhh5kx66SQ3p4wSqqNL41a7TMmPzEIWpPFEsegps8y5M_XFU9W03gQRKq&sai=AMfl-YQZXX_zyDCkIg_pdn0bRg9Oe3AF6iKMgTwxvME3OGTbtPF9FCGjfOpXbgArwxfNclpO8OcYzqHu7bDpyMVXe5hmEAEJ_haQZfvvm4bGOIPmlS_q1az2lSF1YWqdgkIXxVX3MZeV1YAlJZEDueTt&sig=Cg0ArKJSzHZm0EFL93tmEAE&cid=CAQSTgAvHhf_GQtqz569Jf-N0HiGmCfjkwSIaULGeKNNvE3pl7hX-Q_j7SccQqUkCX0BYeD6krzmFKWfsFk1_rGTm0MfKHuXr7i3TTrh3I11_RgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=296,732,1000,1000,1000&tos=296,436,268,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703574301748&rpt=295&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9982 0
22 B 58ms
58ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4555035495823&version=m202309260101&ct=119&x=1&cor=12508712737948238000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83E6 0
22 B 58ms
58ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5820193961933&version=m202309260101&ct=119&x=1&cor=14761453971653396000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 61ms
60ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2048463497000382&bg=!6Oul66TNAAY3kmNgF5I7ADQBe5WfOFmCXxrMVcl189wIlXlKrLONVx0H4qWPKx97yEkgUQk0Y2xjB6_myM3VqQmwxHi3AgAAADRSAAAAAmgBBwoAYODyHbqFguczVhwborBCHpzw8R0m10X67dUIvhLkKex_Tk7h531v1Ey4qmJnkzjewCk2pDoMxgmawWOVL59dKI-BfhZR32pVSiE5HnMiWE48Fww097T66uJmIjt4kEoIzJkDARqi88b--PFH3zyIvhkCXXkfxMifLswsPSl-Q7lKG-_Q7zO22zGdZ7Si3qnoZY68l3ekTyuXtLuBS1mwdLB_RuhxhSmYqpbH_z4zjVDo5eJU6a3AMMFKBHNNoDZLkfXjvgQHUp_3DXkVSq0qBlp5P2X0nuOUwP9AiMXXXRXOUpWQ0W1f5lAO3IA3WGuHxQ5-MU1ThcG74_Exc9kv3InoEJc-NAzETCqCnJWP07VqC2SEJmIyIy9O8AOUBocFAOTQwtWfskMpxNr0IdzdD7LdAuVGKFmJTmPCHZI6maIvGfJZX6zQ7NyTLGlPJ6mW28VcdMnFj605xhbX6ejGcBgbax1krkmUMaXiPCr9ciFvr4yIXIk5o0MjgifVEmBTUy8ClQpY2Y97JeAEwd27mVyEBWPxxXvEO7V-ToGP7f84-oZz_1xP_8OLcVACst-qXQn7pmNoCwA8PcXpFBxkUmaaLbUWr3uLfdte5aeqFHHoDhpxsUzIsHPlLqOOzHekeuKHIUe3khs0XEMa2kpdWT1iaum2iop1j8YDanuXcTojCsO9YAxkg_OwdN41MhY40XFMFyX0wkk5D_GNOFftTNnywcATixDYyyIpT8x9Glw_qFqK3OoSqRbZ8lJ8tGI6_brg-utRZnqn01EX4upYK-bmGbRdyEbgxyRelWymccUo0UwRPWH3PrYJOOkynxKDDq_wCRJL0KnUw95UvNlDK-UnU-mwuhu3xZw7Og7L9OCNnZSatxzl5UsxRLWRo7uxaI1h1NANN6_z_dlW5yzc9UBMsaILHYxFH2i_KpR10EqvcF6hnCRPrc_MGQCVbvGUXJ-K8KrNMwJOFm9IW3Gxv1abovVT63o4dQwxpMX9VX1NOaM3-Avu6atBtpJyGOTRarG4WtsDV3atzMfprvIygMKWs4wcS4H0Cu8btqCYGwJHtyJYsqIgKLzPewfo0WJxqQr0aR86uqbhwW1qy_wzEVi2LIUxZv8o-Mm7WVi1Tu8RwMi8SUhvUoOjXri2v72c-bm7FYM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9982 42 B
64 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzZ-o5a43Il9syTX7IT6_iIm5sUaNoe5QHUOKAYQHBFBc-Daf6cj7tIUA-7MwmVPFjyZb7jzvDl8Mz9wkX-LvmfjrKNw3a5y-67FoMgp9PnIOz3fifEHFOBL477RbkpqYbV7ylTEFkH4EKhUuwmJovRNv1&sai=AMfl-YSH4vuxGIgyLgplE0al_z_jgwi2BLuZ8QowwViHtq_dnFR9Fh-4Mvl4w76BQQRWytQWF0aL2HKEkVdN9EPJa21akhSFYlrGwAP3hEj1WjvMZxLY-nX0tJmN0yd163JTPgEzbH3MxTFwYFT8SXxu&sig=Cg0ArKJSzN8Pa7dcL7tCEAE&cid=CAQSTgAvHhf_GQtqz569Jf-N0HiGmCfjkwSIaULGeKNNvE3pl7hX-Q_j7SccQqUkCX0BYeD6krzmFKWfsFk1_rGTm0MfKHuXr7i3TTrh3I11_RgB&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703574301708&rpt=330&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83E6 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsMgmBCWpbUAfVUx4aOrtKZ8ObLwSS-dHG-Mjr3fYAZwMi5rrBScaCdvl-CD3Dh3Y8aepTGH-4JHdLefJkAgPu0QVyNLGzfIYd7Izs2WSFCMJGtkkWCB8nTJYhhEBFlDa4tz-cT5Q00xMTffftg8ujYxyS&sai=AMfl-YQaKRhHq4IhuTG8nseFi54HJxp-QYskywOuOPHt70F8FKL-v75-_K_hMuS4zR3mfx35n-uBWMy5vNuwBvE1oR1neeWhTPPGHRpNSRbJazjLcZPX0VtVw3BX7xJJRrP-IzDqYvd-tUocL3XAhxQY&sig=Cg0ArKJSzOrcmf3VVFmpEAE&cid=CAQSTgAvHhf_GQtqz569Jf-N0HiGmCfjkwSIaULGeKNNvE3pl7hX-Q_j7SccQqUkCX0BYeD6krzmFKWfsFk1_rGTm0MfKHuXr7i3TTrh3I11_RgB&id=lidar2&mcvt=1004&p=0,0,600,160&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703574301718&rpt=320&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 58ms
58ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=pfmsb&evt=place&vh=1200&eid=44806133&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=2048463497000382

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 07:05:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIebqElA4mSUfyjKXfCBXzU&google_cver=1&google_push=AXcoOmTgdBOUEh5RqaKtrZ48N6Dy0502fgM5lgjvucmyrMLT4WcEMY8-BMcb1Q7PmlIyFQSlm0dBGmU7CN_SsNwOYoS8n1Va2-Pbv3SS

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:56:06	Name: userId Value: ulW-cb-zA_L9FcidWbrvrpDpC4iDR6NZ
held24.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: scjh44ic9rmcdh3s3pqefi7h6n
held24.ch/	1970-01-20 17:20:06	Name: kliedjxq Value: ti6sp0zzqyqr
held24.ch/	1970-01-20 17:20:06	Name: m4ueesan Value: n99bg6k3ge4u
held24.ch/	1970-01-20 17:20:06	Name: ac1sweae Value: py6dck05de3f
held24.ch/	1970-01-20 17:20:06	Name: 3toko1rg Value: 7l0ys6yjl7xr
.held24.ch/	1970-01-21 02:48:54	Name: _ga_JNW7GGM0LX Value: GS1.1.1703574300.1.0.1703574300.0.0.0
.held24.ch/	1970-01-21 02:48:54	Name: _ga Value: GA1.2.488114919.1703574301
.held24.ch/	1970-01-20 17:14:20	Name: _gid Value: GA1.2.1162492497.1703574301
.held24.ch/	1970-01-20 17:12:54	Name: _gat_gtag_UA_196902677_3 Value: 1
.held24.ch/	1970-01-21 02:34:30	Name: __gads Value: ID=16694a6d28dd2f04:T=1703574301:RT=1703574301:S=ALNI_MbZFWel8bmfd1jvFxEZS5vvL9hN-A
.held24.ch/	1970-01-21 02:34:30	Name: __gpi Value: UID=00000d2b2e53a740:T=1703574301:RT=1703574301:S=ALNI_Ma_zfLVljtS_3F9jPy4D1u56qF7vw
.casalemedia.com/	1970-01-20 19:22:30	Name: CMPS Value: 5204
.doubleclick.net/	1970-01-21 02:48:54	Name: IDE Value: AHWqTUm83-TCizw2Ps5r2lTSLOoCBoHyiGvxYRJ4gNnGnqG-pxKR8l2oiJrNQgPbnXM
.doubleclick.net/	1970-01-20 21:32:06	Name: APC Value: AfxxVi6gYwb_n1_Cu5rAUCDwGXiqk39ZMF9TqzNwMDlzkpS-KRDkqg
.casalemedia.com/	1970-01-21 01:58:30	Name: CMID Value: ZYp7HWnFd23V9YzuJlda9gAA
.casalemedia.com/	1970-01-20 19:22:30	Name: CMPRO Value: 1122
.sitescout.com/	1970-01-21 01:58:30	Name: ssi Value: de2eb076-97fc-47fd-a4d3-5c70c2d352c3#1703574302169
.w55c.net/	1970-01-21 02:44:35	Name: wfivefivec Value: ykLUC8GY1Ri1uS5
.uuidksinc.net/	1970-01-21 01:58:30	Name: jcsuuid Value: dYYedvh5gssbcufdBJzh
.ctnsnet.com/	1970-01-21 01:58:30	Name: cid_7e8c87b1d8ad40f7a571dc37725ece7e Value: 1
.ctnsnet.com/	1970-01-21 01:58:30	Name: gid_CAESEAfjJM29zdWKWyuK70syXMY Value: 1
.travelaudience.com/	1970-01-21 02:44:35	Name: _tracker Value: %7B%22UUID%22%3A%220FE2C6BF-D393-4C05-0A7B-3C7472F5760B%22%7D
.acuityplatform.com/	1970-01-21 01:58:30	Name: auid Value: 869334896357
.acuityplatform.com/	1970-01-21 01:58:30	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRikeDm+OmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYpHg5vjo90aGlyZFBhcnR5VXNlcklkWkNBRVNFQ1I3RDhNa2ZHTGxxME1UUVVsRGJ2a/v7hnZlcnNpb27C+w=="
.adform.net/	1970-01-20 17:57:32	Name: C Value: 1
.w55c.net/	1970-01-20 17:56:06	Name: matchgoogle Value: 5
.sitescout.com/	1970-01-20 17:56:06	Name: _ssuma Value: eyI2OCI6MTcwMzU3NDMwMjE5Nn0
.de17a.com/	1970-01-21 01:51:18	Name: guid Value: 1.5548459532766452382
.rfihub.com/	1970-01-21 02:34:30	Name: rud Value: H4sIAAAAAAAA_-MSNjY1NjI1MDU3MTU1MzU3MjU2thTiM9QtDwoz1TXMdfMusnQFAFwdTK0lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjY1NjI1MDU3MTU1MzU3MjU2thTiM9QtDwoz1TXMdfMusnQFAFwdTK0lAAAA
.rfihub.com/	1970-01-21 02:34:30	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dQoq8_Qyd8kxTvJPNa9yicwzybNw9A3iNTQ3MDY1NzE2MDIyMHvFiMI3BwC8aWRDPQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dQoq8_Qyd8kxTvJPNa9yicwzybNw9AUAhacnKB4AAAA
.adform.net/	1970-01-20 18:39:18	Name: uid Value: 5218347918811677365
.yahoo.com/	1970-01-21 01:58:51	Name: A3 Value: d=AQABBB57imUCEErzUjC6JqESB7crYaUIyjAFEgEBAQHMi2WUZQAAAAAA_eMAAA&S=AQAAAlhEY1uhPWBX8WpXjb9Q2dI
.everesttech.net/	1970-01-21 01:58:30	Name: everest_g_v2 Value: g_surferid~ZYp7HgAJv3rg0ABd
.linkedin.com/	1970-01-21 01:58:30	Name: bcookie Value: "v=2&604fe8c6-f138-4a19-8786-21ec6424d006"
.linkedin.com/	1970-01-20 21:32:06	Name: li_gc Value: MTswOzE3MDM1NzQzMDI7MjswMjG761DzJ+6ceWEjhiRxD8N3ctq8luO/FT1jinRrvwO2KA==
.linkedin.com/	1970-01-20 17:14:20	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2812:u=1:x=1:i=1703574302:t=1703660702:v=2:sig=AQFLy4gw5YMrPt4lnYIp-Q43tQ7oPry0"
.dotomi.com/	1970-01-20 17:12:54	Name: DotomiTest Value: 27634bfc96b185a
.adx.opera.com/	1970-01-21 01:58:30	Name: UID Value: OPUa2d467f55ed54b5aa6694736b006dd54
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.gonet-ads.com/	1970-01-21 01:59:56	Name: pid Value: NmQ2Y2U1N2EwYzYxYWE0Mg
.turn.com/	1970-01-20 21:32:06	Name: uid Value: 4403945288313583914
.tribalfusion.com/	1970-01-20 19:22:30	Name: ANON_ID Value: a5ntmIsjyDjmTFM6EKNQgcEeiymC3gZdseK83fS4RfE3HUEDTniCdtbOFeouZb5OlIAqfiHy1SjhNN9TSrf0F1GSsk
sync.srv.stackadapt.com/	1970-01-21 01:58:30	Name: sa-user-id Value: s%3A0-8723e6b5-2977-5129-5c09-48f0a0f70a3b.JdizRVzw25cCLrqGXiPRGsPSnz3RPjyOYgROBODYD6w
.srv.stackadapt.com/	1970-01-21 01:58:30	Name: sa-user-id Value: s%3A0-8723e6b5-2977-5129-5c09-48f0a0f70a3b.JdizRVzw25cCLrqGXiPRGsPSnz3RPjyOYgROBODYD6w
sync.srv.stackadapt.com/	1970-01-21 01:58:30	Name: sa-user-id-v2 Value: s%3AhyPmtSl3USlcCUjwoPcKO5VYG1Y.8O1ZgPHGx3aXBEOK3lm3ZXqifE98%2FPj%2BkI8EPg%2B9b1Q
.srv.stackadapt.com/	1970-01-21 01:58:30	Name: sa-user-id-v2 Value: s%3AhyPmtSl3USlcCUjwoPcKO5VYG1Y.8O1ZgPHGx3aXBEOK3lm3ZXqifE98%2FPj%2BkI8EPg%2B9b1Q
sync.srv.stackadapt.com/	1970-01-21 01:58:30	Name: sa-user-id-v3 Value: s%3AAQAKILB4e4_bvsl2LsBmuaWMJ5e8eNV7cq_MXIsw8UVGObXFEHwYBCCe9qmsBjABOgQ8w7t9QgRlEqqM.w5r%2FJ%2FYJ83kzXqoU1kED3su0N8iq8FPR37GawhQtcoc
.srv.stackadapt.com/	1970-01-21 01:58:30	Name: sa-user-id-v3 Value: s%3AAQAKILB4e4_bvsl2LsBmuaWMJ5e8eNV7cq_MXIsw8UVGObXFEHwYBCCe9qmsBjABOgQ8w7t9QgRlEqqM.w5r%2FJ%2FYJ83kzXqoU1kED3su0N8iq8FPR37GawhQtcoc
.adkernel.com/	1970-01-20 17:56:06	Name: ADKUID Value: A5513383713192395317
.awin1.com/	1970-01-20 17:15:47	Name: awpv17927 Value: 412871\|1703574302\|172d8670-a3bd-11ee-8661-22610dd0df18
.awin1.com/	1970-01-20 17:56:06	Name: awpv11953 Value: 412871\|1703574302\|172dad80-a3bd-11ee-a9f2-22382f104756
.e-volution.ai/	1970-01-20 17:33:03	Name: ADK_EX_193 Value: 1
.e-volution.ai/	1970-01-20 17:56:06	Name: ADKUID Value: A5513383713192395317
.awin1.com/	1970-01-20 17:22:59	Name: awpv11938 Value: 412871\|1703574302\|17354ea1-a3bd-11ee-9488-2234841a3abe
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 17:23:02	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1703574302_17354ea1-a3bd-11ee-9488-2234841a3abe%22%2C%22sp%22%3A%22awin%22%7D

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
other	warning	URL: https://trck.trendtours.de/trck/epv/963fb8e2eec080164ced0d8b1bcc4e5d?subid=oneid9VPuMfmf1752tKHBH2t7t5mZt9SmTzzrUrbx2oneid__suite_Netmix_Reach126_CH_ADXONLY&gdpr_consent=&gdpr=0&gdpr_pd=0 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ade.googlesyndication.com
ads.travelaudience.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
d5p.de17a.com
dclk-match.dotomi.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
held24.ch
ht.uppr.de
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.wp.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
px.ads.linkedin.com
r.turn.com
r5---sn-1gieen7e.c.2mdn.net
region1.google-analytics.com
rtb2-useast.e-volution.ai
s.tribalfusion.com
s.uuidksinc.net
s.w.org
s0.2mdn.net
static-de.ad4mat.net
stats.wp.com
sync-tm.everesttech.net
sync.gonet-ads.com
sync.srv.stackadapt.com
t.adx.opera.com
t.mindtake.com
tpc.googlesyndication.com
trck.trendtours.de
ums.acuityplatform.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
googlecm.hit.gemius.pl
142.250.185.162
151.101.194.49
154.59.122.79
167.86.103.144
172.217.16.134
172.217.18.98
172.64.151.101
174.137.133.49
185.196.197.130
188.42.105.236
192.0.76.3
192.0.77.48
193.0.160.131
2001:4860:4802:32::36
213.155.156.184
216.58.206.34
23.192.250.178
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6811:190e
2606:4700::6812:19ad
2620:1ec:21::14
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:400a:8::a
2a02:fa8:8806:13::1370
2a05:d018:d29:3601:aac8:1b9f:b7f8:fd94
3.76.149.124
34.160.236.64
35.186.193.173
35.190.0.66
35.71.131.137
37.157.6.254
46.228.164.11
51.83.212.112
51.89.9.253
52.50.148.141
54.211.244.166
54.37.204.178
82.145.213.8
87.118.116.9
91.121.248.44
98.98.134.241
001a2258543cdfb1a64870e366d0d343197d7d326351bcb87a046fc0ac3bbd58
002ef7b4a29a3f983551e8b073d8ec4d2c265f84fb5ea7b45e1e40ed04e58f44
013c46bb69056b44df46c3a4d22b3b4ec4eb52aa2d8253019988ffe1494caf7f
014e0e2eddb09f4c9fea4a3bb8a7fdd66ba6165b5e9153e64e187f8bd2b77f8c
01d4ecf94464857d66d8cbc33cbde19c95ad6a712caf583b131a046535b11c13
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
05c1e66033df62911f38a773dcb6b74fc4364dfb5dbba2a934c7d85765767b3d
068d730a228680f875cf30f88297ceb890a52ae37ecfcdcc67d2ccf3952ecff9
080951f2334464958a0c2a8c84ead3d417f21af9d3c0c9bce7520b95c16da623
0890f8b51f425eb893b1b2cbc3a8759e58d6e2b4c890906df38ed5195789194c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be3ae4135141dc59b1c92061820d114988fd3705b4df22b81ee363a265c40aa
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0dc2ab2774f0572fdc80c8cea27095c4b249ba628ae83ec41300b482fb4fe17e
0e5051bc73f1ef348b99a85bb8648f9bbab671eafba784470d8f4fd2d268bbf6
0e8fa76948cd97127badfe945a1d20bb7fbd84cff7a47ff45f199ea917b1d697
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f5719420315156e616fcc0eae83f3a9493a5c7fe355c15002bd9aeec039bfa4
10cde3f051ab9eefa8676bee667fd65705c5fcf1d0544f9acffe7caa224d14b9
1400303e5121c39a70117fa5fe06f89d134cb9f987a18c23f5ebce06e0f40e65
15d39db75538fef846e94fc234b7a5fa5e5c635a6ba0cc6528a3f3007fa8cc22
1ac9caa59450894552d35ffc309351ea38abd142a933c4eef84850bb81af140b
1c17853a24a2838943d26f2cd8aa51d31ecb366238937813802f57e477dd005c
1fb7258dbd3ec61d75e6662c640f7975166e3c5d285a0ed5a46695e8a8eb7da5
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
235f05f73222554d536281f75fe9179d4c1aaaacebcf46d7a2c7bec90e4fcf9f
291517512623ed07cd4fc1c914576a0ae9442e3fba5e712919aff84ff2927176
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2c17d41ec4703caecc59dd5ea1eb0cc741cd430d86e7b17a132238981afd23d7
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
31d79447702bb609a219a0924247bab64f2ee02fdea19985f951775f18ac7573
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
3465dd6bbf8475d71a78430a0ce7184dabeefdb52408e0c428393aa9bada4829
367cb6c696672368fa3fc69032564e0268524d0db61476f97643071d4ebbbc04
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
395ad641638f39d9905f7b21f2d151bb987809302244b5219ab1fffe51180aba
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3a58de8d9c7b24b39cfd318f36cf8ac8e2eb491829df30979155028a448fa254
3b159412c44873b8d07ddac50294bd538e742294318614fa796e89f0d1f7f956
3c38dcab2b3dc7725bee4c3c6d8bac07bcbd94c980f0affb82a5999ddf793ed9
3dd5bb9fda081a3cb1bd6d513edb1a71746031bec07d8c646abe5813ba9dd4c4
41478e547c5b6ad66bfcf91ead5350fa0bc247956c3ff912020327e3e9ad0d2b
419fc2d77e2ff149c939cd8059c6c26dec13adf55ed86cf1b1d96c35578c2400
41f6d8ee6b8bf9c45239c2a59ac26b2025ebb2d9e1d0dff436294d0f5bded646
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
438ec5bb1e20ed26b69f5a15905af976f3b9415b995978358e45cef6bb4bb058
44373fdef02923f072a69e4e6b3c1f2f34ea6f740ccad132faa20ce99741b48e
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ab069da8ee4d39a37a16d06140d4cd280dd249ad7debd58045e2422b34c695c
4c638bdd4657d9d90beac8361a874c3b48c3f01516bce304cc2b0301c3294502
4e17f25a33727defde4f0e88b24844c00e48ed88484c4440d978025a82567287
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50d6bd49dedfc7a641677101843f62872fe8f90175d962867c282cca26f166d5
51ffb5d890658f2cad0642c2d28519528e08a948e6a369b207c9615da13f381f
5270f4bd8461f7c6f72fce6a5cde3a770597db1d136aac7ca4793e636c82ee29
5328a0758b3ea3b95de403f4076bc30da4a810175522b10907f3b1e73f6e2a97
54ca47ee4ad055d2ae39dbeb64e7c42a1afac5b5983bf10e9938c85dcb8025e2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
597eaccbdd58fb88b44c384555bff097c57071730baf3c1136e89202b28d8dd0
5cf0d589127ea8b98dac129f74506b8a199d7b613cab0cf586ae95ee69428a4b
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6494566919e28711a1f36d6389923dfccb4750fb9522e9e6d1967ab778ab0073
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
69a80c644be546f4d35fa8ce6923116693e712f6a6f4e0f216f602e85dbbdf85
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c5c417da9de9e3b94f1b060d7ef137e4cb26f26e8d157966e7c80c2e9001fe0
6e87397773b5cd8972e246dd9e598091959bf20fcf46ae722b85dc7ae8edf3e7
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
715054e2b63c0a104ab34f2d8edc9f72e20bf45b71098b022053d0dc645cfb7a
72f454f3dcc5ccd7098ac0b05d1fe8e742ee14a2c709c7149919c952594e0590
73043fc759e9c46576434c2d2a1c61751437a69ba8c137b6a97be9b098fd28a6
7ce387849b027ffe085479dabcef0eb5a4a467496e32b404b69a4175d83d5a26
7d5d04665f45acfd3c1d740acd5a1b5ab4816fc4e60316dd35a2723c388ce526
7fd7689773df8e38eea1bcf475cdb59d2c897b9206781f3d7883037334f5e2d4
80e695879b02c74e338e745020ef1969aed7589d0bd49c6c98ab360f915d6650
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
84297c23f08a11cf0ebb76b38bf55ccbd7065c521ee29d41781e3260f10acce2
85bc3c92e747827208646cc3f307a87f0fe08cdde19402c2f80b85d842955eb5
870f41518e409f62cb8fb5b51f8daf678dea6b3da96c4e9952327ee5ed2cdeab
877114c35f4d21070e2cd28451a515493963cf7f5e8dc3a4ddb7e23b06f39c3a
8d6579024f213909db812a013dcea4dc6ee10f50bcab9a06f0dea3bae30ce367
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8f2934b956f4839f93f401c44a753695de1d76dd457f52a832a45ddb2dbcd6ec
9197d73a9972e30740497c820689b4e863a7f5ea265ee5efd1f617f6260ddfc3
91c86e76693fc278899037d0d8a66c2fe01fc83e5cbae1a54a47fe0f61b2be15
9205eb0db5e48f4105622db6139619b98b447f444b6e8c548e4e56aafd2b9aaa
923c49455918cd3d4e0d69b7431dd8a1aec94ddc2dcb2a688884450b76f3af09
982c8e5b88d12c2a906130391925d23ff6a6533c16111f9c81234fbd0f7ec613
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a8c598a7f274fe47d24861dcab1e7b1054a890f51b5ec612cd86413fa813129
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4993341938410743791ff9af6016389543dcc9daedfdc8d23dfcfc1cc41859
9cf195414bc2eadbdae3d8d80b4ac8ae415d12086b4a6b9456548447ac23b17e
9d5985fb411aa49165043a6b8ce26f5a7d761f7720f318f23f3de173ed8b0e33
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e1a3dde3bfaf871c6481cc587c623d0ac24737cd6f16ee9fbd485cf458a2a4
a5a112cb60cdb6cc6c169ec10c012ca87084dab7c1f742effda95ab780c3b3d5
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a93e10c4768666d63e75d5ba14657b746921a22c4bedd18111c2ac2383e8e2e9
ae447c4a73b83bca7650a9732f61d84bb34904956099d0d38185b923e2642020
af53c5f5187e75a414a988d2da582ee0640b6a89a974e85d8389257d9198bdcf
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e4d6e13eb1fd414025e5c3c3f18b9212fd0cd69890e7f69804ae69dec5bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a77564cec4d7dd5ff14dff5579a260908e3a8ea9dc7e8f757bc86b7c88a216
b2ef0537cdf3bc830d32e94eea8aeb729859c83fdca8c4925f0d8a4c8a0b03a8
b41835ad763abb366c167dab7c1fbc77a7a81e5bbc51c2ce66bfa5250bfc9a00
b4cfa3299bd172bd3872533f109584f69126bcf952fea96f69b3a12fe3aaf64e
b525f27e66476e4c748759921adc9558735824036d2a58c2f44d3e9d74b83d98
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7a0960dbb83d463418017ff78f73277cf5b1fc98e962e8926451068227fcea5
b947d7034e1ed3b674b4bf27cc37fc77a2dd19192b576a849b647cdeb43f851e
baea1b0179de2ed86f05d1c2cf49a0196f60d4d54caebc4fd4dcd3ec82ed892c
bb70d3e85dd6dcb38e197792d2fd12c7e2458516bff30410e0672c3097695f81
bd031d768f7c1d2e9829b60d82ae388d1cf562611976c1f9d2dc69c61fe93b00
bd213446287693e851042a2e326cfbf2268a0075cd7db0552c9448733c31d4cf
bdae14000f409e929efc6f3cfd785b90a939d22044705a48f1a3b5074620fc12
c19e4e4ff6bf0c1c08602a49ad2799d460eaf95f31dd3a86beb3cfffb8382eb3
c217f2ca39d9c4f8be58f3afa83182757f37042c904260cf592d158d9fcdd6ae
c3962eb8341093bf31b12bd98a5fbe2658845248d049cab68d3718634c8523dc
c4338434527c2703a0630c6d5561653bc2790abd608cfe5f83fb200ff20bbdc2
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c56b3403a5ac4fe6af110d8844ac82fa94f855b6b085291b8afe08e8e5bb3324
c777c31531c1ca8f8600c8946ff1305c28cf309a50b45ca86b664e3ddb80585e
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cb13530dbc6cb041023f7354969fbf9fa873252144541a95fa5a5bac8118c9d6
cb1888bd025791c9b4ffcfdf60d55dbfa3652698697f939e9fb3a1010ea47ca2
cbcd77ecab66f9f76b9faebc880a03ed5af5b3a0fed6ff39838a3bbc1217a107
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc5afa3cbf80ed8a39987d2f4cc9215f915cfde9c83e86d5ee4a874bd69a401
d0de0a1e343c53355f109cdfefb4e4cab0609f38cf0c387c7914ec1a22ae2fd4
d4097394a0f80464feb5d850c78e3ae9469e61e3306230a655bd4e0e1e8fc009
d41dc07aed30cb54de661289691254b1288a52bcf4d121cec3acb89d4aa872a8
d464e345a3f736a86cb952ecb8d2e2a74e6991378bda2ebd7e5a98a86667a360
d4cfbfae77f927305dec8a698d1987780f4540c417a26641ad66b02d7149cc06
d5e4dc4425331a2fac2ce6812d317c1aadabcfb510a50e1c80baa7e96f848b90
da1b1dba110f3d97894949bedfc60fe7fec3659813c957f88e51d550bc95ad88
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea84dbaeff7fc5384ed3601f039fd8941c523895588b3c22843ab50c3d1d0d7
e01a51e4d911428e3d37cf80e0c53c895aeaf53b74a327f7cc2615223565749c
e0471f27843ee42d45cf9b749a57ec4bbc26dd40f961989ed7cfe4e0f24ea6fe
e2059efe10edadd90e619f86f7559c0f8a4263f52a07442783b00efd38ffde9b
e23b6f4539643a37f0d615a630a76fc48571ebb8b0a9219ad38b4827a60ee18c
e2c0665fa20a2ffced66b11f09e48ca31399319a6858792841cae58b4295e2dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e735fb7a473ff8cf5f99dc8f487e6c0f8d9c9916888e865d15c1910a882ec5
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
e8b236d10c0e2ed290e99d6bed2185dcc8f53ae6a6394b0a0409e7077d42afce
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eebc43233c3478ae63cd2e6761ac57cc58ed325ffd0ceb4ffa0f8f6d5d6582e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8764ed39e34f936e15eb134fc2691430101699ee603b624d6a43fb84c43bbb
f1fe82579d8f1099fd843df64fb1e3cc94193fe7248511ca29d85677fc5ed90f
f28ae5e775e07431d40a15359bac762f640bbe7e2e56a1a904a7c057df10908c
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f49cc673474a4be69bf9a456a0ed0b9affb62e6f6b7cf074c5037520f065c1d2
f5360dc94380bd7d473bf4bbc2a7f6d5fcaede07a391f14ecb28a5df05c72e29
f5a8ba5dd4565e4f383c1b59c23e3cca09c7c5e27694eeae5065b0d23e834075
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63e133d6c8913624670c7df93ba3ce2aa5870c5e69bc62a983ddb452d3290fe
f65f13d1b628aede91412c609036d4969892955c977e0bc8a066dad79fa0c141
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f97f50780895cb200405df8c7bd49cf19ff8b443e2273064aeb1608b55b43e18
fa2a873fb74a7ab85518958dcb7d21a5867a576ea9d855fd94609ca951deb3f2
fa6dbf56efed1b69b023b1601a9632014760997b1ac750af80088e8ca2fb5439
fb86444b2ef82739ff7168ab1020954de17416e3374ef61f264bea16135918ab
fdb3fc721b9e0a55b21f3a921a610103d29974450935a700158a06f60340befb
fef172aa11731a106c312e669f85891af331b49a59c4a42798b460705ba10aea
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

held24.ch Open in urlscan Pro 167.86.103.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

351 Requests

89 %HTTPS

42 %IPv6

46 Domains

61 Subdomains

37 IPs

12 Countries

5804 kBTransfer

11587 kBSize

59 Cookies

9 Outgoing links

Redirected requests

351 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

held24.ch Open in urlscan Pro
167.86.103.144 Public Scan

Screenshot
Live screenshot

Full Image

351
Requests

89 %
HTTPS

42 %
IPv6

46
Domains

61
Subdomains

37
IPs

12
Countries

5804 kB
Transfer

11587 kB
Size

59
Cookies

351 HTTP transactions
8 data transactions