urlscan.io logo urlscan.io
SecurityTrails logo

www.gonser.ch Open in urlscan Pro
3.120.64.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rcapitalone.com/
Effective URL: https://www.gonser.ch/
Submission: On July 26 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 8 countries across 39 domains to perform 121 HTTP transactions. The main IP is 3.120.64.70, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.gonser.ch.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 10th 2021. Valid for: a year.
This is the only time www.gonser.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 23.82.12.29 30633 (LEASEWEB-...)
2 52.45.37.82 14618 (AMAZON-AES)
1 52.218.96.90 16509 (AMAZON-02)
3 3.125.239.17 16509 (AMAZON-02)
19 3.120.64.70 16509 (AMAZON-02)
28 143.204.98.113 16509 (AMAZON-02)
3 13.224.111.53 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:3::485 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
2 84.200.5.215 31400 (ACCELERAT...)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
1 2a01:ab20:0:2... 47302 (CYON)
2 2a03:2880:f12... 32934 (FACEBOOK)
4 199.232.80.84 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 136.243.111.209 24940 (HETZNER-AS)
1 2 144.76.104.53 24940 (HETZNER-AS)
4 6 37.157.4.23 198622 (ADFORM)
2 37.157.2.248 198622 (ADFORM)
1 2 78.46.90.238 24940 (HETZNER-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.13.108 54113 (FASTLY)
9 10 216.58.212.166 15169 (GOOGLE)
3 6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 1 212.83.50.108 47447 (TTM)
2 5 185.33.220.242 29990 (ASN-APPNEX)
1 1 85.114.159.112 24961 (MYLOC-AS ...)
1 217.79.188.11 24961 (MYLOC-AS ...)
1 1 18.193.33.191 16509 (AMAZON-02)
1 54.151.126.25 16509 (AMAZON-02)
3 184.30.20.207 16625 (AKAMAI-AS)
1 2 142.250.186.70 15169 (GOOGLE)
1 34.254.127.126 16509 (AMAZON-02)
2 212.48.120.130 8893 (ARTFILES-...)
121 44
2    23.82.12.29 (Silver Spring, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rcapitalone.com
2    52.45.37.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-37-82.compute-1.amazonaws.com
v4.s.arclk.net
1    52.218.96.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
3    3.125.239.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
vipaffnetwork.com
19    3.120.64.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
www.gonser.ch
28    143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net
cdn10.plentymarkets.com
3    13.224.111.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-53.mad50.r.cloudfront.net
cdn02.plentymarkets.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:20c8:8a00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
2    84.200.5.215 (Germany)

ASN31400 (ACCELERATED-IT, DE)
tc.connects.ch
www.lacmp.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a02:26f0:6c00:28f::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.findologic.com
1    2a01:ab20:0:203::52 (Switzerland)

ASN47302 (CYON, CH)
gonser-services.ch
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
4    199.232.80.84 (Marseille, France)

ASN54113 (FASTLY, US)
ct.pinterest.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    136.243.111.209 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: bouncer.newsletter2go.com
static.newsletter2go.com
2    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
ad.ad-srv.net
6    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
2    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal9000.redintelligence.net
2    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
10    216.58.212.166 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net
ad.doubleclick.net
4780959.fls.doubleclick.net
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    212.83.50.108 (Germany)

ASN47447 (TTM, DE)
r.adserver01.de
5    185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
ib.adnxs.com
1    85.114.159.112 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad11.adfarm1.adition.com
ad11.adfarm1.adition.com
1    217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com
imagesrv.adition.com
1    18.193.33.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
secure.converto.com
1    54.151.126.25 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-126-25.us-west-1.compute.amazonaws.com
saxp.zedo.com
3    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
5994599.fls.doubleclick.net
1    34.254.127.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-127-126.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
2    212.48.120.130 (Lübeck, Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
www.usemax.de
www.usemaxserver.de
Apex Domain
Subdomains		 Transfer
31 plentymarkets.com
cdn10.plentymarkets.com
cdn02.plentymarkets.com
2 MB
19 gonser.ch
www.gonser.ch
300 KB
13 doubleclick.net
stats.g.doubleclick.net
ad.doubleclick.net
5994599.fls.doubleclick.net
4780959.fls.doubleclick.net
3 KB
8 adform.net
track.adform.net
s2.adform.net
59 KB
7 google.com
www.google.com
adservice.google.com
2 KB
6 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
8 KB
6 google.de
www.google.de
adservice.google.de
2 KB
4 pinterest.com
ct.pinterest.com
1 KB
4 google-analytics.com
www.google-analytics.com
58 KB
3 mathtag.com
pixel.mathtag.com
2 KB
3 bing.com
bat.bing.com
9 KB
3 gstatic.com
fonts.gstatic.com
44 KB
3 vipaffnetwork.com
vipaffnetwork.com
4 KB
2 adition.com
ad11.adfarm1.adition.com
imagesrv.adition.com
509 B
2 ad4m.at
ad4m.at
15 KB
2 redintelligence.net
hal9000.redintelligence.net
2 KB
2 ad-srv.net
ad.ad-srv.net
2 KB
2 facebook.com
www.facebook.com
388 B
2 findologic.com
cdn.findologic.com
12 KB
2 facebook.net
connect.facebook.net
99 KB
2 pinimg.com
s.pinimg.com
18 KB
2 arclk.net
v4.s.arclk.net
3 KB
2 rcapitalone.com
rcapitalone.com
1 KB
1 usemaxserver.de
www.usemaxserver.de
564 B
1 usemax.de
www.usemax.de
811 B
1 adsrvr.org
insight.adsrvr.org
261 B
1 zedo.com
saxp.zedo.com
986 B
1 converto.com
secure.converto.com
243 B
1 adserver01.de
r.adserver01.de
220 B
1 lacmp.net
www.lacmp.net
5 KB
1 newsletter2go.com
static.newsletter2go.com
7 KB
1 gonser-services.ch
gonser-services.ch
845 B
1 connects.ch
tc.connects.ch
5 KB
1 dwin1.com
www.dwin1.com
7 KB
1 googletagmanager.com
www.googletagmanager.com
63 KB
1 googleapis.com
fonts.googleapis.com
845 B
1 jsdelivr.net
cdn.jsdelivr.net
17 KB
1 cloudflare.com
cdnjs.cloudflare.com
2 KB
1 amazonaws.com
s3-eu-west-1.amazonaws.com
7 KB
121 39
Domain Requested by
28 cdn10.plentymarkets.com www.gonser.ch
cdn10.plentymarkets.com
19 www.gonser.ch www.gonser.ch
cdn10.plentymarkets.com
8 ad.doubleclick.net 8 redirects
6 adservice.google.com 3 redirects ad.ad-srv.net
4780959.fls.doubleclick.net
5994599.fls.doubleclick.net
6 track.adform.net 4 redirects www.gonser.ch
hal9000.redintelligence.net
5 adservice.google.de www.gonser.ch
adservice.google.com
4 secure.adnxs.com 2 redirects www.gonser.ch
ad.ad-srv.net
4 ct.pinterest.com s.pinimg.com
www.gonser.ch
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.gonser.ch
3 pixel.mathtag.com hal9000.redintelligence.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.gonser.ch
3 fonts.gstatic.com fonts.googleapis.com
3 cdn02.plentymarkets.com www.gonser.ch
3 vipaffnetwork.com v4.s.arclk.net
vipaffnetwork.com
2 4780959.fls.doubleclick.net 1 redirects ad.ad-srv.net
2 5994599.fls.doubleclick.net 1 redirects hal9000.redintelligence.net
2 ad4m.at rcapitalone.com
ad4m.at
2 hal9000.redintelligence.net 1 redirects rcapitalone.com
2 s2.adform.net www.gonser.ch
hal9000.redintelligence.net
2 ad.ad-srv.net 1 redirects rcapitalone.com
2 www.facebook.com www.gonser.ch
2 cdn.findologic.com www.gonser.ch
cdn.findologic.com
2 connect.facebook.net rcapitalone.com
connect.facebook.net
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 v4.s.arclk.net rcapitalone.com
v4.s.arclk.net
2 rcapitalone.com 1 redirects
1 www.usemaxserver.de www.usemax.de
1 www.usemax.de ad.ad-srv.net
1 insight.adsrvr.org ad.ad-srv.net
1 ib.adnxs.com www.gonser.ch
1 saxp.zedo.com www.gonser.ch
1 secure.converto.com 1 redirects
1 imagesrv.adition.com www.gonser.ch
1 ad11.adfarm1.adition.com 1 redirects
1 r.adserver01.de 1 redirects
1 acdn.adnxs.com www.gonser.ch
1 www.lacmp.net tc.connects.ch
1 static.newsletter2go.com www.gonser.ch
1 www.google.de www.gonser.ch
1 www.google.com www.gonser.ch
1 stats.g.doubleclick.net www.google-analytics.com
1 gonser-services.ch cdn10.plentymarkets.com
1 tc.connects.ch www.googletagmanager.com
1 www.dwin1.com www.googletagmanager.com
1 www.googletagmanager.com www.gonser.ch
1 fonts.googleapis.com cdn10.plentymarkets.com
1 cdn.jsdelivr.net www.gonser.ch
1 cdnjs.cloudflare.com www.gonser.ch
1 s3-eu-west-1.amazonaws.com v4.s.arclk.net
121 49

This site contains links to these domains. Also see Links.

Domain
charity.gonser.ch
hubs.gonser.ch
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
s.arclk.net
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
*.s3-eu-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
vipaffnetwork.com
R3		 2021-05-26 -
2021-08-24		 3 months crt.sh
www.gonser.ch
Sectigo RSA Domain Validation Secure Server CA		 2021-02-10 -
2022-02-10		 a year crt.sh
cdn10.plentymarkets.com
Amazon		 2021-03-18 -
2022-04-16		 a year crt.sh
*.plentymarkets.com
Amazon		 2021-03-01 -
2022-03-29		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.dwin1.com
Amazon		 2020-12-04 -
2022-01-02		 a year crt.sh
tc.connects.ch
R3		 2021-07-23 -
2021-10-21		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-04-12 -
2021-10-12		 6 months crt.sh
*.pinterest.com
DigiCert SHA2 High Assurance Server CA		 2020-07-16 -
2021-08-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
1470211240.rsc.cdn77.org
R3		 2021-07-03 -
2021-10-01		 3 months crt.sh
gonser-services.ch
R3		 2021-07-02 -
2021-09-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.newsletter2go.com
RapidSSL TLS RSA CA G1		 2020-05-31 -
2022-05-31		 2 years crt.sh
www.lacmp.net
R3		 2021-07-23 -
2021-10-21		 3 months crt.sh
ad-srv.net
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
redintelligence.net
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.adition.com
AlphaSSL CA - SHA256 - G2		 2021-04-15 -
2022-05-17		 a year crt.sh
saxp.zedo.com
Go Daddy Secure Certificate Authority - G2		 2020-04-08 -
2022-06-07		 2 years crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
usemax.de
Sectigo RSA Domain Validation Secure Server CA		 2019-11-04 -
2021-11-07		 2 years crt.sh
usemaxserver.de
Sectigo RSA Domain Validation Secure Server CA		 2021-06-09 -
2022-07-10		 a year crt.sh

This page contains 12 frames:

Primary Page: https://www.gonser.ch/
Frame ID: AA9DD9B67A5EFA11DDCD97E07B2D290F
Requests: 95 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Frame ID: E08C58C71147B37989D990FE3F4C8EE5
Requests: 5 HTTP requests in this frame

Frame: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Frame ID: EA6C680C4A84FAA6F076D62C5AEE856B
Requests: 11 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Frame ID: A1D0C9E9FA16EFC7BBB4889B16DD5359
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 659A691BD4A5B57EDFABFBB4DE766F10
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023
Frame ID: F0508E6617CDCD89AB070A13EA1831CF
Requests: 1 HTTP requests in this frame

Frame: https://4780959.fls.doubleclick.net/activityi;dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041
Frame ID: A7A6BFB5A304E6B9E0135C56A1B2DBF0
Requests: 1 HTTP requests in this frame

Frame: https://www.usemaxserver.de/rt.php?ext_i=1861786487&ext_domain=1
Frame ID: 5ADEB60B1AAD42D676C42236D8C88937
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041;~oref=https://ad.ad-srv.net/
Frame ID: BA85EB64860B9483CB250D8650502F58
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal9000.redintelligence.net/
Frame ID: F9EF4CD10E5A9A4821CB9F20DC15D644
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041;~oref=https://ad.ad-srv.net/
Frame ID: 562499C99711747CD5AA7F0A179D1898
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal9000.redintelligence.net/
Frame ID: A5B4BC8E185C51119B6F32F70417B193
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://rcapitalone.com/ Page URL
  2. http://rcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyNzM... HTTP 302
    https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiI... Page URL
  3. https://vipaffnetwork.com/click?trvid=13958 Page URL
  4. https://vipaffnetwork.com/click?trvid=13958&trvjs=t Page URL
  5. https://vipaffnetwork.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3d3dy5nb25zZXIuY2gvIiwiUmVkaXJlY3RXb3JkaW5... Page URL
  6. https://www.gonser.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • meta generator /plentymarkets/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

121
Requests

99 %
HTTPS

43 %
IPv6

39
Domains

49
Subdomains

44
IPs

8
Countries

2543 kB
Transfer

4983 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rcapitalone.com/ Page URL
  2. http://rcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyNzMyOTg5NywiaWF0IjoxNjI3MzIyNjk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWFtaW5vbnB1ajJiNThrbGMwMXRza2oiLCJuYmYiOjE2MjczMjI2OTcsInRzIjoxNjI3MzIyNjk3NTA2NTUxfQ.qmu4kj3g2riTP7omfcQJ_HYb6eQtb4iiUmj4YWMPXi8&sid=fca8d608-ee3b-11eb-bf6e-5ac807d445a6 HTTP 302
    https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBpdGFsb25lLmNvbSJ9.2owgOPZCMbC7IUDWDnF2wG0Y2xbJ_rnLaIEqbo9Z8PI Page URL
  3. https://vipaffnetwork.com/click?trvid=13958 Page URL
  4. https://vipaffnetwork.com/click?trvid=13958&trvjs=t Page URL
  5. https://vipaffnetwork.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3d3dy5nb25zZXIuY2gvIiwiUmVkaXJlY3RXb3JkaW5nIjoiWW91IGFyZSBiZWluZyBhdXRvbWF0aWNhbGx5IHJlZGlyZWN0ZWQuIiwiUmVkaXJlY3RUaXRsZSI6IlJlZGlyZWN0aW9uLi4uIiwiUmVkaXJlY3RMaW5rVGV4dCI6Ik9yIGNsaWNrIGhlcmUgdG8gY29udGludWUuIiwiSW5zdGFsbElkIjoyMDAxfQ== Page URL
  6. https://www.gonser.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://rcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyNzMyOTg5NywiaWF0IjoxNjI3MzIyNjk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWFtaW5vbnB1ajJiNThrbGMwMXRza2oiLCJuYmYiOjE2MjczMjI2OTcsInRzIjoxNjI3MzIyNjk3NTA2NTUxfQ.qmu4kj3g2riTP7omfcQJ_HYb6eQtb4iiUmj4YWMPXi8&sid=fca8d608-ee3b-11eb-bf6e-5ac807d445a6 HTTP 302
  • https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBpdGFsb25lLmNvbSJ9.2owgOPZCMbC7IUDWDnF2wG0Y2xbJ_rnLaIEqbo9Z8PI
Request Chain 93
  • https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Request Chain 94
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 95
  • https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Request Chain 99
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/p/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1;~oref=https://www.gonser.ch/ HTTP 302
  • https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1;~oref=https://www.gonser.ch/
Request Chain 100
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/p/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.gonser.ch/ HTTP 302
  • https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.gonser.ch/
Request Chain 101
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/p/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.gonser.ch/ HTTP 302
  • https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.gonser.ch/
Request Chain 102
  • https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent= HTTP 302
  • https://secure.adnxs.com/seg?add=19751009&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2
Request Chain 103
  • https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2 HTTP 302
  • https://imagesrv.adition.com/1x1.gif
Request Chain 104
  • https://secure.converto.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1 HTTP 302
  • https://saxp.zedo.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1
Request Chain 107
  • https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Request Chain 108
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023
Request Chain 110
  • https://secure.adnxs.com/seg?add=24823586&t=2&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24823586%26t%3D2%26gdpr%3D0%26gdpr_consent%3D
Request Chain 112
  • https://4780959.fls.doubleclick.net/activityi;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041 HTTP 302
  • https://4780959.fls.doubleclick.net/activityi;dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041
Request Chain 115
  • https://track.adform.net/Serving/TrackPoint/?pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=779282954390&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=779282954390&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F
Request Chain 116
  • https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=157940794073&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.gonser.ch%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D11571%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1 HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=157940794073&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.gonser.ch%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D11571%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1
Request Chain 118
  • https://ad.doubleclick.net/ddm/activity/src=9949552;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1143524561857.703 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=9949552;dc_pre=CIaBgLypgfICFY2lsgodaxYDWg;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1143524561857.703 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CIaBgLypgfICFY2lsgodaxYDWg;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1143524561857.703

121 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
rcapitalone.com/ 		471 B
830 B 		Document
General
Check archive.org
Download Go to
Full URL
http://rcapitalone.com/
Protocol
HTTP/1.1
Server
23.82.12.29 Silver Spring, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
nginx /
Resource Hash
aef742e31e88844b1b8b60d1aa18e1582d38cb6a538326c39058c658177967a7

Request headers

Host
rcapitalone.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
471
content-type
text/html; charset=utf-8
date
Mon, 26 Jul 2021 18:04:56 GMT
server
nginx
set-cookie
sid=fca8d608-ee3b-11eb-bf6e-5ac807d445a6; path=/; domain=.rcapitalone.com; expires=Sat, 13 Aug 2089 21:19:04 GMT; max-age=2147483647; HttpOnly
014a8c15be7d6be098719b625618db1af6696146b8.r
v4.s.arclk.net/api/user/
Redirect Chain
  • http://rcapitalone.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTYyNzMyOTg5NywiaWF0IjoxNjI3MzIyNjk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIycWFtaW5vbnB1ajJiNThrbGMwMXRza...
  • https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBp...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBpdGFsb25lLmNvbSJ9.2owgOPZCMbC7IUDWDnF2wG0Y2xbJ_rnLaIEqbo9Z8PI
Requested by
Host: rcapitalone.com
URL: http://rcapitalone.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.37.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-37-82.compute-1.amazonaws.com
Software
/
Resource Hash
3081b46bc8f9e2c48b646c68161d43b34b0b43ccb69b1213f8c83770db4b498a

Request headers

:method
GET
:authority
v4.s.arclk.net
:scheme
https
:path
/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBpdGFsb25lLmNvbSJ9.2owgOPZCMbC7IUDWDnF2wG0Y2xbJ_rnLaIEqbo9Z8PI
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://rcapitalone.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://rcapitalone.com/

Response headers

date
Mon, 26 Jul 2021 18:04:58 GMT
content-type
text/html; charset=utf-8
content-length
2147
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
set-cookie
checkme=096aa6e577e7cd3baf2d51b2fecf59fbb789; Path=/
accept-ch
UA,UA-Full-Version,UA-Platform,UA-Arch,UA-Model,UA-Mobile,Width,Viewport-Width,Downlink,DPR,Save-Data

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Mon, 26 Jul 2021 18:04:57 GMT
location
https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBpdGFsb25lLmNvbSJ9.2owgOPZCMbC7IUDWDnF2wG0Y2xbJ_rnLaIEqbo9Z8PI
server
nginx
set-cookie
sid=fca8d608-ee3b-11eb-bf6e-5ac807d445a6; path=/; domain=.rcapitalone.com; expires=Sat, 13 Aug 2089 21:19:05 GMT; max-age=2147483647; HttpOnly
ajax-loader.gif
s3-eu-west-1.amazonaws.com/pxgif/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-eu-west-1.amazonaws.com/pxgif/ajax-loader.gif
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBpdGFsb25lLmNvbSJ9.2owgOPZCMbC7IUDWDnF2wG0Y2xbJ_rnLaIEqbo9Z8PI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.96.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:04:59 GMT
Last-Modified
Fri, 12 Aug 2016 15:23:54 GMT
Server
AmazonS3
x-amz-request-id
6QK8D12DQFM8BCY1
ETag
"dc5b98ed1c3c7959cdcb76113e7442cd"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
6820
x-amz-id-2
Ua9x2m1JW2j21+6CyNNHjCjMHmuqjEfdG0WkdVwMsw8P8xPKvX623EmADTFj3meqei9iIBLjA0s=
014a8c15be7d6be098719b625618db1af6696146b8.r
v4.s.arclk.net/api/product/ 		43 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v4.s.arclk.net/api/product/014a8c15be7d6be098719b625618db1af6696146b8.r?confirm=096aa6e577e7cd3baf2d51b2fecf59fb&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Frcapitalone.com%2F&reftaken=feed&refEqual=true
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBpdGFsb25lLmNvbSJ9.2owgOPZCMbC7IUDWDnF2wG0Y2xbJ_rnLaIEqbo9Z8PI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.37.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-37-82.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

:path
/api/product/014a8c15be7d6be098719b625618db1af6696146b8.r?confirm=096aa6e577e7cd3baf2d51b2fecf59fb&size=1920000&noframe=1&tnc_ref=http%3A%2F%2Frcapitalone.com%2F&reftaken=feed&refEqual=true
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
v4.s.arclk.net
cookie
checkme=096aa6e577e7cd3baf2d51b2fecf59fbb789
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:58 GMT
referrer-policy
no-referrer
p3p
CP="CUR NOI NID STA STP"
x-robots-tag
noindex, nofollow
content-length
43
content-type
text/html; charset=utf-8
click
vipaffnetwork.com/ 		284 B
465 B 		Document
General
Check archive.org
Download Go to
Full URL
https://vipaffnetwork.com/click?trvid=13958
Requested by
Host: v4.s.arclk.net
URL: https://v4.s.arclk.net/api/user/014a8c15be7d6be098719b625618db1af6696146b8.r?tk=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwdWIiOiI1MjJjNjE1YTlhODQ4MGNhYjhiMTA0MTIiLCJ0cyI6IjA3MjYxODA0IiwiZCI6InJjYXBpdGFsb25lLmNvbSJ9.2owgOPZCMbC7IUDWDnF2wG0Y2xbJ_rnLaIEqbo9Z8PI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.125.239.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
vipaffnetwork.com
:scheme
https
:path
/click?trvid=13958
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 26 Jul 2021 18:04:58 GMT
content-type
text/html; charset=utf-8
content-length
284
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
click
vipaffnetwork.com/ 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vipaffnetwork.com/click?trvid=13958&trvjs=t
Requested by
Host: vipaffnetwork.com
URL: https://vipaffnetwork.com/click?trvid=13958
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.125.239.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1974d0b9dc67edf874db9385bb98dc9f1509cf047f188a624eeaf3616541647

Request headers

:method
GET
:authority
vipaffnetwork.com
:scheme
https
:path
/click?trvid=13958&trvjs=t
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://vipaffnetwork.com/click?trvid=13958
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://vipaffnetwork.com/click?trvid=13958

Response headers

server
nginx
date
Mon, 26 Jul 2021 18:04:58 GMT
content-type
text/html; charset=utf-8
content-length
1140
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
set-cookie
ClickDataNG=H4sIAAAAAAAA_2RSUW_bPAz8KwafWkBQbCdxEhXFh3zpsA1tigFt15e9KDKdaHEkj5Kcdm3_-yDbawPszSTPJx7vXqBFctoaEJDxlKfAwD83CCJl4MLm_u-3sqZF8liCqGTtkIGqtdp_LUHA7Nc0jJ-qcZ61ARiU0iOIrMhn4zwvFnMGSh4aqbcmorPxYjpnoN3q2_Kdi6yXXtseUOQpAwo1xip-YqkJlV-j39kSxJSBs4FUN8_mDGppSm22A3yoHqgGAcDAVhVSnE0W04zBhqRRuwHbzXrkzvvGidHoeDzyrTUOiavdCKJy54c9WjShP0cjn23wHxyrQIRGPYOAh7srYBBIn5C2upFVZdAfLe25sodRd73_PLW6vOxO8iOkaV54an-6Sw8MdLMsS0LnojOLKc-zgufZgmdZejotepHBIS23aDwIWNvfuq7laMrT5OxRm9IeXXJ7n2QpTy-SR22KyUXyVEzOk2XT1PiIm2vtR9PxjI-L5Oz6y_36hiW13mPyGdXenierHdkDjuYLnvLJeL7gszy5k5UkPfwF8TgVEhII-EdrjAS2WuF7mGwUNWwWHXLfP0IY1W3IHl1H1j_9zvA_SVP2ivvG2pZYnzZu5QH7WvXPwcpSYylmMqauAQF3DWnjO2uD8RRNu_rUadj2S8SR9n3_9RWi3YTGr6JnQ6hIb7W5aU5anqRxUvUxdiBMqGsGKjhvDyBe3t7-BAAA__-voTvIbAMAAA==; Expires=Wed, 25 Aug 2021 18:04:58 GMT; SameSite=None; Secure ClickDataNgFall=H4sIAAAAAAAA_2RSUW_bPAz8KwafWkBQbCdxEhXFh3zpsA1tigFt15e9KDKdaHEkj5Kcdm3_-yDbawPszSTPJx7vXqBFctoaEJDxlKfAwD83CCJl4MLm_u-3sqZF8liCqGTtkIGqtdp_LUHA7Nc0jJ-qcZ61ARiU0iOIrMhn4zwvFnMGSh4aqbcmorPxYjpnoN3q2_Kdi6yXXtseUOQpAwo1xip-YqkJlV-j39kSxJSBs4FUN8_mDGppSm22A3yoHqgGAcDAVhVSnE0W04zBhqRRuwHbzXrkzvvGidHoeDzyrTUOiavdCKJy54c9WjShP0cjn23wHxyrQIRGPYOAh7srYBBIn5C2upFVZdAfLe25sodRd73_PLW6vOxO8iOkaV54an-6Sw8MdLMsS0LnojOLKc-zgufZgmdZejotepHBIS23aDwIWNvfuq7laMrT5OxRm9IeXXJ7n2QpTy-SR22KyUXyVEzOk2XT1PiIm2vtR9PxjI-L5Oz6y_36hiW13mPyGdXenierHdkDjuYLnvLJeL7gszy5k5UkPfwF8TgVEhII-EdrjAS2WuF7mGwUNWwWHXLfP0IY1W3IHl1H1j_9zvA_SVP2ivvG2pZYnzZu5QH7WvXPwcpSYylmMqauAQF3DWnjO2uD8RRNu_rUadj2S8SR9n3_9RWi3YTGr6JnQ6hIb7W5aU5anqRxUvUxdiBMqGsGKjhvDyBe3t7-BAAA__-voTvIbAMAAA==; Expires=Wed, 25 Aug 2021 18:04:58 GMT
double
vipaffnetwork.com/ 		623 B
803 B 		Document
General
Check archive.org
Download Go to
Full URL
https://vipaffnetwork.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3d3dy5nb25zZXIuY2gvIiwiUmVkaXJlY3RXb3JkaW5nIjoiWW91IGFyZSBiZWluZyBhdXRvbWF0aWNhbGx5IHJlZGlyZWN0ZWQuIiwiUmVkaXJlY3RUaXRsZSI6IlJlZGlyZWN0aW9uLi4uIiwiUmVkaXJlY3RMaW5rVGV4dCI6Ik9yIGNsaWNrIGhlcmUgdG8gY29udGludWUuIiwiSW5zdGFsbElkIjoyMDAxfQ==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.125.239.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
df0dcb80ddf134111f08bb1baf4bd246e3f0375ed929e8693959d42e0abd6e8f

Request headers

:method
GET
:authority
vipaffnetwork.com
:scheme
https
:path
/double?t=2&d=eyJVUkwiOiJodHRwczovL3d3dy5nb25zZXIuY2gvIiwiUmVkaXJlY3RXb3JkaW5nIjoiWW91IGFyZSBiZWluZyBhdXRvbWF0aWNhbGx5IHJlZGlyZWN0ZWQuIiwiUmVkaXJlY3RUaXRsZSI6IlJlZGlyZWN0aW9uLi4uIiwiUmVkaXJlY3RMaW5rVGV4dCI6Ik9yIGNsaWNrIGhlcmUgdG8gY29udGludWUuIiwiSW5zdGFsbElkIjoyMDAxfQ==
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ClickDataNG=H4sIAAAAAAAA_2RSUW_bPAz8KwafWkBQbCdxEhXFh3zpsA1tigFt15e9KDKdaHEkj5Kcdm3_-yDbawPszSTPJx7vXqBFctoaEJDxlKfAwD83CCJl4MLm_u-3sqZF8liCqGTtkIGqtdp_LUHA7Nc0jJ-qcZ61ARiU0iOIrMhn4zwvFnMGSh4aqbcmorPxYjpnoN3q2_Kdi6yXXtseUOQpAwo1xip-YqkJlV-j39kSxJSBs4FUN8_mDGppSm22A3yoHqgGAcDAVhVSnE0W04zBhqRRuwHbzXrkzvvGidHoeDzyrTUOiavdCKJy54c9WjShP0cjn23wHxyrQIRGPYOAh7srYBBIn5C2upFVZdAfLe25sodRd73_PLW6vOxO8iOkaV54an-6Sw8MdLMsS0LnojOLKc-zgufZgmdZejotepHBIS23aDwIWNvfuq7laMrT5OxRm9IeXXJ7n2QpTy-SR22KyUXyVEzOk2XT1PiIm2vtR9PxjI-L5Oz6y_36hiW13mPyGdXenierHdkDjuYLnvLJeL7gszy5k5UkPfwF8TgVEhII-EdrjAS2WuF7mGwUNWwWHXLfP0IY1W3IHl1H1j_9zvA_SVP2ivvG2pZYnzZu5QH7WvXPwcpSYylmMqauAQF3DWnjO2uD8RRNu_rUadj2S8SR9n3_9RWi3YTGr6JnQ6hIb7W5aU5anqRxUvUxdiBMqGsGKjhvDyBe3t7-BAAA__-voTvIbAMAAA==; ClickDataNgFall=H4sIAAAAAAAA_2RSUW_bPAz8KwafWkBQbCdxEhXFh3zpsA1tigFt15e9KDKdaHEkj5Kcdm3_-yDbawPszSTPJx7vXqBFctoaEJDxlKfAwD83CCJl4MLm_u-3sqZF8liCqGTtkIGqtdp_LUHA7Nc0jJ-qcZ61ARiU0iOIrMhn4zwvFnMGSh4aqbcmorPxYjpnoN3q2_Kdi6yXXtseUOQpAwo1xip-YqkJlV-j39kSxJSBs4FUN8_mDGppSm22A3yoHqgGAcDAVhVSnE0W04zBhqRRuwHbzXrkzvvGidHoeDzyrTUOiavdCKJy54c9WjShP0cjn23wHxyrQIRGPYOAh7srYBBIn5C2upFVZdAfLe25sodRd73_PLW6vOxO8iOkaV54an-6Sw8MdLMsS0LnojOLKc-zgufZgmdZejotepHBIS23aDwIWNvfuq7laMrT5OxRm9IeXXJ7n2QpTy-SR22KyUXyVEzOk2XT1PiIm2vtR9PxjI-L5Oz6y_36hiW13mPyGdXenierHdkDjuYLnvLJeL7gszy5k5UkPfwF8TgVEhII-EdrjAS2WuF7mGwUNWwWHXLfP0IY1W3IHl1H1j_9zvA_SVP2ivvG2pZYnzZu5QH7WvXPwcpSYylmMqauAQF3DWnjO2uD8RRNu_rUadj2S8SR9n3_9RWi3YTGr6JnQ6hIb7W5aU5anqRxUvUxdiBMqGsGKjhvDyBe3t7-BAAA__-voTvIbAMAAA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 26 Jul 2021 18:04:58 GMT
content-type
text/html; charset=utf-8
content-length
623
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires
Thu, 01 Jan 1970 00:00:00 UTC
pragma
no-cache
Primary Request /
www.gonser.ch/ 		626 KB
82 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da368b7786e3efee5e45bc696c9ba59ef0b48cb3ef8e1857ce0ab00a82a16703
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
www.gonser.ch
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 26 Jul 2021 18:04:59 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-plenty-shop
Ceres
content-security-policy
frame-ancestors 'self'
x-plenty-shop-version
eyJpdiI6InJhS0ZycG1uY09acTdITjllMk9QR0E9PSIsInZhbHVlIjoiNHdBVnNVNUd1MHVcL0NWdlFuZG9UVXc9PSIsIm1hYyI6ImYxODA4ZmIxNDAzZmJhYTE3MWRkMGZhNzkxM2FmODJlNDE1ODI0MDQ5M2I4YzZiY2VlOTFlZDhiODM4YTEyM2QifQ==
x-ssr-active
1
x-plenty-shop-stage
production
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-plenty-cache-status
HIT
content-encoding
gzip
cache-control
private,no-store,must-revalidate
pragma
no-cache
ceres-icons.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/css/ 		66 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/css/ceres-icons.css
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35a394e3e8588a37b93cb0c4f06d5c7b18d288059dc30f57cba2785f18d85d20

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 21:11:00 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:42 GMT
server
AmazonS3
age
75240
etag
W/"e310e0c74f226fa55a405b62923f2e47"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
fRWHJhLyNhf_WGEbNYHmJ43uHnVF_V71
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
dKt2OrR1O134B3dpHI7Wc22oBSI9S9988Vec4VoKUGyXFkIRg_ZYaQ==
expires
Fri, 23 Jul 2021 07:07:41 GMT
main-base.min.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/ 		506 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02b759110fa13dd2202678b58470ada3e1b7d7f147fbab290e77efb75574ca1b

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:19:59 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:08:00 GMT
server
AmazonS3
age
60301
etag
W/"cfc0a1d030fe374b2c486b86e5a888e2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Lh8uYSZAp5Gtx910RhJnfiuUfcRTrvBp
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
JUK5GQTVd7cDcocjGJC1bZKz8nHu0lE5AbFZNY7WtaaupptUeXt0Sg==
expires
Fri, 23 Jul 2021 07:07:59 GMT
main.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/cfourarticlenotifications/css/ 		97 B
511 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/cfourarticlenotifications/css/main.css
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bbb9aec1d8e82301b7ad4ebc4ffce0b3a638d73f0f612383713b24e15bdc10df

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:19:59 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
last-modified
Fri, 16 Jul 2021 07:07:59 GMT
server
AmazonS3
age
60301
etag
"f1e990495842b2c233a4453e28e3a151"
x-cache
Hit from cloudfront
x-amz-version-id
ppy7b2V1jKfKhcoG.Xvu4KHdGcLo0R7n
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
text/css
content-length
97
x-amz-cf-id
cFyOtvmKdisfbtfW97Bbev7T3mhNi-WwSL-NynG1W1HLw065bCshhQ==
expires
Fri, 23 Jul 2021 07:07:58 GMT
findologic.min.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/findologic/css/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/findologic/css/findologic.min.css
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ede3c4f041fb4473fc7952139f0297291d6b3bbeecbe45d2872b8f404bdf2ad

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:19:59 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:59 GMT
server
AmazonS3
age
60301
etag
W/"a953afc1d63c6af8a71057a9d0c2d103"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
EwU83lIFxiUWTjWNskjGVvnN1tNkubNd
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
PCFDCvun9M5VUiEEvdnXwysiarKox-4Urhw8RbtZvBZFeJpGgdVB1Q==
expires
Fri, 23 Jul 2021 07:07:58 GMT
gonserbox-klein.png
www.gonser.ch/layout/gonser_2015_20190704/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/layout/gonser_2015_20190704/img/gonserbox-klein.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6824695692a6ccb50cd16bfce8cbcc2a1c6e6e1adf3578ce9e6b423106414157

Request headers

:path
/layout/gonser_2015_20190704/img/gonserbox-klein.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Fri, 08 Mar 2019 13:10:39 GMT
server
nginx
etag
"5c8269cf-16d4"
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
5844
expires
Mon, 09 Aug 2021 18:04:59 GMT
zahlart-bankzahlung.png
www.gonser.ch/images/gallery/gonser-2015/zahlarten/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/zahlarten/zahlart-bankzahlung.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
263d71d257e8ffa6aeed6dcc1a9b6fe88b61d38c13181eb00115ced54d4a918a

Request headers

:path
/images/gallery/gonser-2015/zahlarten/zahlart-bankzahlung.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Tue, 20 Jan 2015 10:13:57 GMT
server
nginx
etag
"54be2a65-1b20"
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
6944
expires
Mon, 09 Aug 2021 18:04:59 GMT
zahlart-kreditkarte.png
www.gonser.ch/images/gallery/gonser-2015/zahlarten/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/zahlarten/zahlart-kreditkarte.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
483f498432e2432f9878924f6103c26d3ecf1a71a973ced38d9bec843cfe0297

Request headers

:path
/images/gallery/gonser-2015/zahlarten/zahlart-kreditkarte.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Thu, 21 Mar 2019 07:48:21 GMT
server
nginx
etag
"5c9341c5-d91"
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
3473
expires
Mon, 09 Aug 2021 18:04:59 GMT
zahlart-paypal.png
www.gonser.ch/images/gallery/gonser-2015/zahlarten/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/zahlarten/zahlart-paypal.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
63238449f8169563732e486bbd85aa432a13e68d06be671475d9c33b83f0dd79

Request headers

:path
/images/gallery/gonser-2015/zahlarten/zahlart-paypal.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Mon, 20 Jun 2016 09:55:41 GMT
server
nginx
etag
"5767bd9d-862"
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2146
expires
Mon, 09 Aug 2021 18:04:59 GMT
zahlart-sofortueberweisung.png
www.gonser.ch/images/gallery/gonser-2015/zahlarten/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/zahlarten/zahlart-sofortueberweisung.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6bad27d578e5780e745238f567a9e6722581165379fe9247ac1c72dfa5f6fd38

Request headers

:path
/images/gallery/gonser-2015/zahlarten/zahlart-sofortueberweisung.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Tue, 19 Feb 2019 10:17:19 GMT
server
nginx
etag
"5c6bd7af-b5c"
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2908
expires
Mon, 09 Aug 2021 18:04:59 GMT
sicher-einkaufen-footer.png
www.gonser.ch/layout/gonser_2015_20150915/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/layout/gonser_2015_20150915/img/sicher-einkaufen-footer.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1309ba224b27bc03db61a1f96b80571423a4241e03a98502d0f67d05ab440845

Request headers

:path
/layout/gonser_2015_20150915/img/sicher-einkaufen-footer.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Thu, 26 Feb 2015 13:19:31 GMT
server
nginx
etag
"54ef1d63-2940"
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
10560
expires
Mon, 09 Aug 2021 18:04:59 GMT
facebook.png
cdn10.plentymarkets.com/mrt54q44tptl/frontend/Frontend-Studios/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/Frontend-Studios/facebook.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4e254b61797b75a22053a73bfd30fc984d0e883be81edac8e58fae3b60862a62

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:27:18 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
59862
x-amz-meta-width
30
x-cache
Hit from cloudfront
x-amz-meta-height
30
content-length
1533
last-modified
Tue, 18 May 2021 06:11:47 GMT
server
AmazonS3
etag
"ad452e039e253aedbf59ecdc858b34fe"
x-amz-version-id
1neX6ak8R4yC_9GXjE_7tOyCDCFCdr87
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
nRYsiWGRwz7p-agqgBiqJXbEyJTO-bfDOoy1y0lI3jkQBxqrZBKnrQ==
expires
Thu, 20 May 2021 06:11:46 GMT
insta.png
cdn02.plentymarkets.com/mrt54q44tptl/frontend/Frontend-Studios/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/mrt54q44tptl/frontend/Frontend-Studios/insta.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-53.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a63b3df48e6193080845e91dd87d70089a450c7328f33c069c9188a0e7b088b6

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 08:42:26 GMT
via
1.1 d5cf9e2604452e6d04db24c2381f245d.cloudfront.net (CloudFront)
age
33754
x-amz-meta-width
32
x-cache
Hit from cloudfront
x-amz-meta-height
32
content-length
3904
last-modified
Wed, 14 Apr 2021 06:52:54 GMT
server
AmazonS3
etag
"0ee154b93e11bd60e425885976d9da21"
x-amz-version-id
Z4NozLXecMdqyfsD.yAuDpOdp9J2AtiL
cache-control
max-age=172800
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
ARhjORFcfqRJyKxPk0iVvze3uOPSU_leD5SHgvwxJ_psFzF-3TKY8g==
expires
Fri, 16 Apr 2021 06:52:53 GMT
ceres-client.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ 		740 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6778fd369b4a1b47e6c5562fda6bc22caf95b51797f3979821189bbcd391bcc0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:43:46 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:53 GMT
server
AmazonS3
age
138074
etag
W/"a7a110bc5d47c388b91f32fdb05c0db5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
boXVCYIm5Rg8FdGKGT83PhogVMcWrgPy
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
mTliRS5Rl1sAaoZnBzwWfE8SABO1SYydAGUK7YIg5AOTOa9-t8aZ1Q==
expires
Fri, 23 Jul 2021 07:07:52 GMT
feedback.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/feedback/js/dist/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/feedback/js/dist/feedback.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17d47be4f32ff31db9a41ed7da11997f7e0d935ca1f47d9efec061400c10e191

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CkAyudAgpSWDG2b_KlEFHt4GZw7rPPcx
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:58 GMT
server
AmazonS3
age
17852
etag
W/"f2f8ab1315317f342b449cba1f000273"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
date
Mon, 26 Jul 2021 13:07:28 GMT
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
yqrG-f5UpbX2hpblyvjnqiyvVK-ywzp2m_P-k19FfUnFKKJ4If-5HA==
expires
Fri, 23 Jul 2021 07:07:57 GMT
svg-injector.min.js
cdnjs.cloudflare.com/ajax/libs/svg-injector/1.1.3/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/svg-injector/1.1.3/svg-injector.min.js
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a306526fc6a2c25361cccc5ba74de9592c51c225daa00e81e2fea18959d4499
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10872744
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1865
cf-request-id
08fd85fece000064df14a5b000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:51 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff3-11e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yz2cziktIOTX4WjqpXRg5x35eyCAUoxmOSt%2BlSSdDAQmclUV4dcAd0Fc6Nzjfx6CF47dQCHSnLz3wC%2BAxbXxu3IiBCUDD6mw%2FTWBpUDIgeU%2Fe8mHsEp8EpfzcWH5Xd%2FlZR9BlgjkHSHYC43TPgFPEUCs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
674f8db629e643b8-FRA
expires
Sat, 16 Jul 2022 18:04:59 GMT
filters-component-min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/findologic/js/dist/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/findologic/js/dist/filters-component-min.js
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
947951174878bc8d9920a398fe46eb50b5a0a3d813a74a78dd5e1a630452bec6

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:19:59 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:59 GMT
server
AmazonS3
age
60301
etag
W/"730fbaa6e2d62289f0303dc37b5c14ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
laWU1GPFqxo.Gt9k7a9IYBwlzLeXz6kx
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
LAqbKywa3o8eryGMjLmiSM8PJuzMwOawhS_7sqpANgn0ouTCPooOFA==
expires
Fri, 23 Jul 2021 07:07:58 GMT
jquery.fancybox.min.js
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.1/dist/ 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.1/dist/jquery.fancybox.min.js
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f27849fbcb7ec27f0e71094e146f71be03c431f73a8c9c021a4462a39df5a22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
35099
x-jsd-version
3.1.25
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
16772
etag
W/"cdb1-/n8FFMBOB+Zo3nkJfnEje9rQoiQ"
x-served-by
cache-fra19170-FRA
x-jsd-version-type
version
date
Mon, 26 Jul 2021 18:04:59 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/ 		9 KB
845 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
337dbd90c2e418ac7fafe28d235369f22405c35e33caf0a04b769375bf34e030
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 17:55:07 GMT
server
ESF
date
Mon, 26 Jul 2021 18:04:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Jul 2021 18:04:59 GMT
gtm.js
www.googletagmanager.com/ 		182 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf8a064b8c8a3aef03577d6da7abea971ed35c2bbfc32a62d3b5ffcf55488058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64389
x-xss-protection
0
expires
Mon, 26 Jul 2021 18:04:59 GMT
main.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/feedback/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/feedback/css/main.css
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7ba2dc023b6c418c8738942790dba9929b6833e3eab86c544520c586af2bf9

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:19:34 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:57 GMT
server
AmazonS3
age
60326
etag
W/"65a48a3716144982879e644499b96741"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
DWqVqDoo.3sFMVzwQeBGpe8bN7NQU2ot
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/css
x-amz-cf-id
YXriHilh8JeppN6bvEgLJgox9xenREW_0FC9qwzCybPQPWmjw8V60A==
expires
Fri, 23 Jul 2021 07:07:56 GMT
fontawesome-webfont.woff2
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/documents/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/documents/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin
https://www.gonser.ch
Referer
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 23:41:37 GMT
via
1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
152603
x-cache
Hit from cloudfront
content-length
71896
last-modified
Fri, 16 Jul 2021 07:08:06 GMT
server
AmazonS3
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
3sa61QjNw8fgEMA_c7HeNG.KafPztaSs
access-control-allow-origin
*
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
GMNuJlK7XnnhqKIGoW0DmygyKpZCkTFu0TnVXgjHUdw3PeTB2f3nFQ==
expires
Fri, 23 Jul 2021 07:08:05 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gonser.ch
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:25:07 GMT
x-content-type-options
nosniff
age
578392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:25:07 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gonser.ch
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options
nosniff
age
603529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 18:26:10 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
6991
date
Mon, 26 Jul 2021 16:08:28 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Mon, 26 Jul 2021 18:08:28 GMT
14619.js
www.dwin1.com/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/14619.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:8a00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a20d7d126f2764f575487ba49d6a3446cafb5225520bb36cd8d463dd33fdf3a

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
gzip
x-amz-cf-pop
MAD50-C1
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 20 Jul 2021 15:12:49 GMT
server
AmazonS3
etag
W/"b6368d67e8fa56982563ab3babb86c44"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-version-id
N8RANh2dqARXPTZ8x6P8M75VGvC3BUxq
via
1.1 95f1b7018f5640d0a596bfddfbb25f68.cloudfront.net (CloudFront)
cache-control
max-age=600, s-maxage=600
content-type
application/javascript; charset=utf-8
x-amz-cf-id
lZkkDxmjNri2tJHhMjZPTi-x_kt_AGz9QyYw38t_93l7szpVHz5gjQ==
lila.js
tc.connects.ch/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tc.connects.ch/lila.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software
nginx /
Resource Hash
2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Oct 2020 13:24:42 GMT
server
nginx
etag
W/"5f7c701a-3f97"
content-type
application/javascript
x-xss-protection
1; mode=block
bat.js
bat.bing.com/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:58 GMT
content-encoding
gzip
last-modified
Tue, 20 Jul 2021 18:24:21 GMT
x-msedge-ref
Ref A: 2BF935C999104678940546C189487191 Ref B: FRAEDGE1407 Ref C: 2021-07-26T18:04:59Z
etag
"80b87575947dd71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9014
core.js
s.pinimg.com/ct/ 		1 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"d281f5ef4add283680ff41edc6dd28c4"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
x-fallback
26bbb42a-2.16.186.126
accept-ranges
bytes
content-length
584
access-control-expose-headers
X-CDN
fbevents.js
connect.facebook.net/en_US/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: rcapitalone.com
URL: http://rcapitalone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
2OtOo3KF/zmDmlFZwX2aCXCLwU8Vonys35H8u/2CC2an2SV0z4raViHOJugKWQGXfMCQ0WXHJCoET4q1+3tLmQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 26 Jul 2021 18:04:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.min.js
cdn.findologic.com/static/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.findologic.com/static/loader.min.js
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3a831b2949d080b9ab402c2c968b99590a24b0bc2177c3de548bb318bd96689d

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 26 Jul 2021 18:04:59 GMT
content-encoding
br
x-77-nzt-ray
sxqtiSIz4U0=
x-77-cache
HIT
x-cache
HIT
x-age
76034
x-77-nzt
Abk73BB1wQrvAikBAA==
x-accel-expires
@1627333065
last-modified
Mon, 28 Jun 2021 14:45:40 GMT
server
CDN77-Turbo
etag
W/"60d9e094-45fe"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=86400
expires
Wed, 30 Jun 2021 20:57:10 GMT
ceres-client-44.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ceres-client-44.min.js
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02f7d7fb801e94b815c14e6a1d8fa55f86833936973908427a55da5264314233

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 21:20:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:51 GMT
server
AmazonS3
age
74674
etag
W/"78e5771ce8ea55e124ff6bff87d92a10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
wDuNMu7mHgJL1.r1QXyTvSNHDnL81h5m
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
61ujj8-XB56g-UoJpXaDyeMqG7TfD9d9zW84j4uiLE3FS9eMtZ4PKw==
expires
Fri, 23 Jul 2021 07:07:50 GMT
ceres-client-16.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ceres-client-16.min.js
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e0d5acb2b973bf4242ceb722e72fd779885a881181de770e969e2b6e81bc617

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 21:20:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:51 GMT
server
AmazonS3
age
74674
etag
W/"32d58584fe521f8bb9d404da103ceb1e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
zz6FTVwf1HUGVAX6rmz2IUA2nRicG9Nx
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
xr5a0kBtu2KZ0YAd7ETXfggKOButaYkdFs9GFSbiVo9Xc9tzsF9ugg==
expires
Fri, 23 Jul 2021 07:07:50 GMT
ceres-client-8.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ceres-client-8.min.js
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c119d5fc36ce5d1e12c4c3a0320e697b58c055d29b0dc47aba89051fdc37e03

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 21:20:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:53 GMT
server
AmazonS3
age
74674
etag
W/"6de46cb837756b55bb92ae88a4d238c5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
sAfL.FSnSmMrAeICMAdR_8GcIx2rCyXv
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
V8mLXxADrmENsToLdohhf8sYqN_7nhl9jzRv6tlOsUjpUkCZ7n7KVQ==
expires
Fri, 23 Jul 2021 07:07:52 GMT
ceres-client-6.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ 		87 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ceres-client-6.min.js
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fe28f84ad581c157ae81e5c7fecdf43b432125346a62d1934f0e8aeac3c8988

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:20:00 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:50 GMT
server
AmazonS3
age
60300
etag
W/"6140b305dc4996a2e95bda8e88702945"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
nOMfEXbhl1u4yZJzVb.mkljbidHolyw_
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
femgct9UWHRLwWiXZcLT14Otw7oRx5fwY-QL6V0IOYtBxtU2lLHqJw==
expires
Fri, 23 Jul 2021 07:07:49 GMT
ceres-client-15.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ceres-client-15.min.js
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a050aed6f8e71c085e46e39ebe7f7ed33e1b0e3f53475e4c638b2940180791d4

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 21:20:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:51 GMT
server
AmazonS3
age
74674
etag
W/"03b142aafb80ae7fd151c4e524be14bb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
4Vkcc3Y3Va.yqqVv6bfi9hwM0q_wcXT5
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
WB8WYwXCI83ExiW8NJXB7U_A_u7jtXtE-WhsWF1-ewktMXmzUjzNUQ==
expires
Fri, 23 Jul 2021 07:07:50 GMT
ceres-client-25.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ceres-client-25.min.js
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc7beb73e08550fcbfc6f0db5425506d50d927b8165192e4a962bf18a7db13c1

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 21:20:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:52 GMT
server
AmazonS3
age
74674
etag
W/"00ab56271c86745cfe99e408853caa2f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Uv7amG9eJp7FP8Tvi93j4FbCzEM4NFrU
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
XZ65az2fCcUzfd2pbDRtxKOXx8E2dV-Okr2ECbG7djgutRe1Am4ipA==
expires
Fri, 23 Jul 2021 07:07:51 GMT
/
www.gonser.ch/rest/io/basket/ 		753 B
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gonser.ch/rest/io/basket/?templateType=home&_=1627322699355
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8dde7642317527d6dd668d57927c31dff526df704ca50c385fe3a1247a8954db

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_gcl_au=1.1.1204730289.1627322699
:path
/rest/io/basket/?templateType=home&_=1627322699355
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gonser.ch/
X-Requested-With
XMLHttpRequest
Accept-Language
de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
cache-control
no-cache, private
server
nginx
set-cookie
plentyID=eyJpdiI6Ino3YlBoejFUR0tTb0RmaURnWU9UcEE9PSIsInZhbHVlIjoiUytZYkg4aUpnTXV1dzFINGhlYWozUis5RWp0c1dFYitQNVFUVUNrUlczWnJ1SEtjZzBoWnBITHRYY1hnR0tJayIsIm1hYyI6Ijc4OGQ1OTdhYWE3MTRlNDdkN2Q3YmRhMGU0MzI2ZDU4ZDIzYzBiZWYwOWZhZThjY2E3YWExNzEzNjZkYjkzM2YifQ%3D%3D; expires=Wed, 03-Nov-2021 19:04:59 GMT; Max-Age=8643600; path=/; domain=.gonser.ch; secure; httponly plenty_cache=deleted; expires=Sun, 26-Jul-2020 18:04:58 GMT; Max-Age=0; path=/; domain=www.gonser.ch; httponly
content-encoding
gzip
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
www.gonser.ch/rest/io/basket/items/ 		23 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gonser.ch/rest/io/basket/items/?template=Ceres%3A%3ABasket.Basket&templateType=home&_=1627322699356
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
87a2f8365c65b08bc824cecca8cefe071bbb0312957d3842b0557b3dbaed3fff

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_gcl_au=1.1.1204730289.1627322699
:path
/rest/io/basket/items/?template=Ceres%3A%3ABasket.Basket&templateType=home&_=1627322699356
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gonser.ch/
X-Requested-With
XMLHttpRequest
Accept-Language
de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
cache-control
no-cache, private
server
nginx
set-cookie
plentyID=eyJpdiI6IjQxaFNNeHFRa3NIMDVubXA2dExxU0E9PSIsInZhbHVlIjoiT09paXJGbzZBYnFHb1JDQmN1UG9NU29vaTdwNTRjeEhxbkhNVEdvKzNaVDd5SVwvSDhwSXBnMmRVcFpRNmFpcTUiLCJtYWMiOiI3ZTlhYWNhYmU4YzY0ZWMxNzg2M2VlNTJkZWU0OGFiYmQ1ZmE2ZjQ4YTA2YmIyM2M0MzEyOGNkMDQ3MDJkMDc2In0%3D; expires=Wed, 03-Nov-2021 19:04:59 GMT; Max-Age=8643600; path=/; domain=.gonser.ch; secure; httponly plenty_cache=deleted; expires=Sun, 26-Jul-2020 18:04:58 GMT; Max-Age=0; path=/; domain=www.gonser.ch; httponly
content-encoding
gzip
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
www.gonser.ch/rest/io/customer/ 		25 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gonser.ch/rest/io/customer/?templateType=home
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f58ace84e88735de6302205e795e8e425f9ba4ced96a12a5867148a5c964acfb

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_gcl_au=1.1.1204730289.1627322699
:path
/rest/io/customer/?templateType=home
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.gonser.ch
referer
https://www.gonser.ch/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.gonser.ch/
X-Requested-With
XMLHttpRequest
Accept-Language
de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
cache-control
no-cache, private
server
nginx
set-cookie
plentyID=eyJpdiI6ImVOeHpnUndnZTR2bzJzUm5Md3RcL0ZBPT0iLCJ2YWx1ZSI6ImFwRnU0Q2RKWHFPakZzRWhQK2N0UFo3WElBWG1TVUJuZU5jUjRNUk9ZVE5abXdVbW11eWVIdE1OYU5IUnhIU3giLCJtYWMiOiJlZTIxYTNmNDhmZmNjMjY4NWIxY2I2ZTE0NjcwOWFkZTM5NTIyNWI2MzA1Y2Y2OGFmMjllNDZkMGE4YmIwMzQwIn0%3D; expires=Wed, 03-Nov-2021 19:04:59 GMT; Max-Age=8643600; path=/; domain=.gonser.ch; secure; httponly plenty_cache=deleted; expires=Sun, 26-Jul-2020 18:04:58 GMT; Max-Age=0; path=/; domain=www.gonser.ch; httponly
content-encoding
gzip
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
hintergrund.png
www.gonser.ch/layout/gonser_2015_20171113/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/layout/gonser_2015_20171113/img/hintergrund.png
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2a5715197eb96bb39f8f4efe44343adb47b1fdaab45e7da970d1afa38448ea50

Request headers

:path
/layout/gonser_2015_20171113/img/hintergrund.png
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Mon, 20 Jun 2016 07:51:12 GMT
server
nginx
etag
"5767a070-1dce"
content-type
image/png
cache-control
max-age=1209600
accept-ranges
bytes
content-length
7630
expires
Mon, 09 Aug 2021 18:04:59 GMT
menuebild-24.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-24.jpg
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
85baa67b6e630a446f4bd1fcd8db03e23268c2f7af7171b3c011a0107b4e5765

Request headers

:path
/images/gallery/gonser-2015/menuebilder/menuebild-24.jpg
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Thu, 17 Sep 2015 09:23:05 GMT
server
nginx
x-nginx-image
Resized
etag
"55fa8679-686f"
content-type
image/jpeg
cache-control
max-age=1209600
content-length
26735
expires
Mon, 09 Aug 2021 18:04:59 GMT
menuebild-193-2.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-193-2.jpg
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9c17f7641c292d904bc694ca5582287de651a98b873434862099959d0d912ef5

Request headers

:path
/images/gallery/gonser-2015/menuebilder/menuebild-193-2.jpg
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Thu, 24 May 2018 12:36:47 GMT
server
nginx
x-nginx-image
Resized
etag
"5b06b1df-58ff"
content-type
image/jpeg
cache-control
max-age=1209600
content-length
22783
expires
Mon, 09 Aug 2021 18:04:59 GMT
menuebild-167.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-167.jpg
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bafa38e691539928bf93936e48240e22e36c288496ec7bcda16a8b090095bb57

Request headers

:path
/images/gallery/gonser-2015/menuebilder/menuebild-167.jpg
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Tue, 20 Jan 2015 09:20:08 GMT
server
nginx
x-nginx-image
Resized
etag
"54be1dc8-7d4f"
content-type
image/jpeg
cache-control
max-age=1209600
content-length
32079
expires
Mon, 09 Aug 2021 18:04:59 GMT
menuebild-223.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-223.jpg
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
57809464d54046b0288d0dd158529b275867d4bb425cf385696241bc955bff0b

Request headers

:path
/images/gallery/gonser-2015/menuebilder/menuebild-223.jpg
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Thu, 13 Oct 2016 09:56:06 GMT
server
nginx
x-nginx-image
Resized
etag
"57ff5a36-6159"
content-type
image/jpeg
cache-control
max-age=1209600
content-length
24921
expires
Mon, 09 Aug 2021 18:04:59 GMT
menuebild-99-2.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-99-2.jpg
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
028ebb9e7486ff4dfe159a084de6239ad17b4e9a21ed2816a4a84b73a84d5794

Request headers

:path
/images/gallery/gonser-2015/menuebilder/menuebild-99-2.jpg
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Thu, 24 May 2018 12:48:58 GMT
server
nginx
x-nginx-image
Resized
etag
"5b06b4ba-6329"
content-type
image/jpeg
cache-control
max-age=1209600
content-length
25385
expires
Mon, 09 Aug 2021 18:04:59 GMT
menuebild-82.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-82.jpg
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0ca889ef77939a842e23efde134019e4bc994afe490d495e3ae775acb8dd41e4

Request headers

:path
/images/gallery/gonser-2015/menuebilder/menuebild-82.jpg
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Tue, 20 Jan 2015 10:56:19 GMT
server
nginx
x-nginx-image
Resized
etag
W/"54be3453-487b"
content-type
image/jpeg
cache-control
max-age=1209600
content-length
9932
expires
Mon, 09 Aug 2021 18:04:59 GMT
menuebild-91.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-91.jpg
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
010cef1e54b072ce90408423f0994e332cccdfbdeb2422e363587896fdda487c

Request headers

:path
/images/gallery/gonser-2015/menuebilder/menuebild-91.jpg
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Tue, 20 Jan 2015 11:23:08 GMT
server
nginx
x-nginx-image
Resized
etag
W/"54be3a9c-38e3"
content-type
image/jpeg
cache-control
max-age=1209600
content-length
7905
expires
Mon, 09 Aug 2021 18:04:59 GMT
menuebild-403.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-403.jpg
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/gonserdt/css/main-base.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.120.64.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-64-70.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2194a482d5318ea04b18c274ec9bfe99a8c71bb9897e802063e7e849557e8d23

Request headers

:path
/images/gallery/gonser-2015/menuebilder/menuebild-403.jpg
pragma
no-cache
cookie
_gcl_au=1.1.1204730289.1627322699
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.gonser.ch
referer
https://cdn10.plentymarkets.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://cdn10.plentymarkets.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Wed, 16 Sep 2015 13:06:20 GMT
server
nginx
x-nginx-image
Resized
etag
"55f9694c-7194"
content-type
image/jpeg
cache-control
max-age=1209600
content-length
29076
expires
Mon, 09 Aug 2021 18:04:59 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
logo.svg
cdn02.plentymarkets.com/mrt54q44tptl/frontend/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/mrt54q44tptl/frontend/logo.svg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-53.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ee5517ab0e70d747f3cf7de5ce07bab4e9553eac8b8b51a1315c743791af92d

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 11:19:13 GMT
content-encoding
gzip
last-modified
Fri, 08 Mar 2019 15:27:11 GMT
server
AmazonS3
age
24347
etag
W/"b671cd5b08711865c8e600cdbc514587"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
tJuzNDFQgsecnPl77RFKwKBJEuw8g8h_
via
1.1 d5cf9e2604452e6d04db24c2381f245d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
content-type
image/svg+xml
x-amz-cf-id
NFxchKPbPMDdUKI-scBKbbMBWaRc9mNXxV5VxVZinFSp4azBIMlWXQ==
shopping-cart.png
cdn02.plentymarkets.com/mrt54q44tptl/frontend/ 		417 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn02.plentymarkets.com/mrt54q44tptl/frontend/shopping-cart.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-53.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3322d34e84d3827dc942b20698f825e460f2cb09a03f2b9e4c3f26342240ad1

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 06:11:35 GMT
via
1.1 d5cf9e2604452e6d04db24c2381f245d.cloudfront.net (CloudFront)
age
129205
x-amz-meta-width
20
x-cache
Hit from cloudfront
x-amz-meta-height
16
content-length
417
last-modified
Mon, 07 Jan 2019 11:22:01 GMT
server
AmazonS3
etag
"99da1241726135979217c06609326dc0"
x-amz-version-id
NJIP47K1teolJk11YcyWRyF8wEu4K.dS
cache-control
max-age=172800
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
hw_fqLn7W2p8S_oKQHBo9qKe67ty8YtAJeboP0OaTPlrLUp_iirFGg==
expires
Wed, 09 Jan 2019 11:22:00 GMT
formload.php
gonser-services.ch/toner/ 		625 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gonser-services.ch/toner/formload.php?callback=jQuery3510003433481240123104_1627322699357&fn_load=start&lang=de&_=1627322699358
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:ab20:0:203::52 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software
/
Resource Hash
311207503f25950d9a29e5c41598611f3b873bba2c758e377a46d19f685e37f2

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-type
access-control-allow-methods: get
js
www.google-analytics.com/gtm/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WJQNM97&t=gtm14&cid=2104288832.1627322700&aip=true
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2af505d99554bee3bbfe9ebf71be261d559ec6bf2bbbae45627d4319d3885a4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38708
x-xss-protection
0
expires
Mon, 26 Jul 2021 18:04:59 GMT
1844237665864323
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1844237665864323?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83468bb226c56ef89a563ae2f82aa6a1fda6df138f29f6b75d96b625314449bc
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75633
x-xss-protection
0
pragma
public
x-fb-debug
OaeHaEpSeSSP755pBVuIBKdfvxLug20IZV3cw0xYtvMe7PlmOPSHN5lieUy8p4a8X9EowBacL+lxvqxXitlCNw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 26 Jul 2021 18:04:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
5475401.js
bat.bing.com/p/action/ 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5475401.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Jul 2021 18:04:59 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 8CB7A5A74C804B75AD6471A19D6BAA32 Ref B: FRAEDGE1407 Ref C: 2021-07-26T18:04:59Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5475401&tm=gtm001&Ver=2&mid=21a64fe2-4393-4a78-87d7-4f5137b9393a&sid=fe0687d0ee3b11eb931531ea3f3d1cf1&vid=fe06c250ee3b11eb8bef533427b36760&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Online%20Shop%20Gonser%20-%20Sicher%20%26%20G%C3%BCnstig%20einkaufen&p=https%3A%2F%2Fwww.gonser.ch%2F&r=&lt=737&evt=pageLoad&msclkid=N&sv=1&rn=385674
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 26 Jul 2021 18:04:59 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 91C71CE7B0324C178AE0A154FE56F192 Ref B: FRAEDGE1407 Ref C: 2021-07-26T18:04:59Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.89cd5bf4.js
s.pinimg.com/ct/lib/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28f::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-encoding
gzip
x-cdn
akamai
etag
"6deee3ea7ecc4a5d9687c1bd57018c16"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
x-fallback
26bbb66b-2.16.186.126
accept-ranges
bytes
content-length
17418
access-control-expose-headers
X-CDN
ceres-client-13.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ceres-client-13.min.js
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e73650214d93916d52f4bf2bcff3459dcd9970aa3509f594e7a5c7f88d22728e

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 01:20:01 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:51 GMT
server
AmazonS3
age
60299
etag
W/"825110d1d140539ed222287eb881470e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
PwaZryOqLojDFLQxG_1Bjy3LBEe32O2o
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
w8bnvKLWRmO6xFaBYvPBrfyNiWeXPkLxGzECcr63_-M9tynH8f_AcQ==
expires
Fri, 23 Jul 2021 07:07:50 GMT
ceres-client-17.min.js
cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/chunks/ceres-client-17.min.js
Requested by
Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/80/ceres/js/dist/ceres-client.min.js?v=5ea76d5abc97827a6f375d05590434287fd54c14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff36b2633a5ce23554fd118695792abdd092fa80b1b6099e72685af263f8c2e9

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 21:20:26 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 07:07:51 GMT
server
AmazonS3
age
74674
etag
W/"564af2d62f1bd1edcdc8a6cbfa92dbae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
jRBOUFTnwHeot8IbogAsq8EIjpXsBRd1
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50-C1
content-type
text/javascript
x-amz-cf-id
yCMn7Hw7UVJf2Cf2nPZE48_3A7S5563rq-shhCBlWc5Z_q_myXLXbg==
expires
Fri, 23 Jul 2021 07:07:50 GMT
main.js
cdn.findologic.com/static/7E9A9379AE7E32EF16125378F75D8CFF/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.findologic.com/static/7E9A9379AE7E32EF16125378F75D8CFF/main.js?usergrouphash=
Requested by
Host: cdn.findologic.com
URL: https://cdn.findologic.com/static/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2f4d50f618f6f5032092dd26b657cf38ed1319a37ebea8d4bd89670ab144f891

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
br
x-77-nzt-ray
R45LE6mDNPc=
x-77-cache
HIT
x-cache
REVALIDATED
x-age
30
x-77-nzt
Abk73BCwLgrOHgAAAA==
x-accel-expires
@1627322701
last-modified
Mon, 26 Jul 2021 07:25:04 GMT
server
CDN77-Turbo
etag
W/"60fe6350-46e2"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1
expires
Mon, 26 Jul 2021 07:48:24 GMT
Teaserbox_Klimaanlagen_07-21.jpg
cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/Teaserbox_Klimaanlagen_07-21.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1175e1d344211f15df50d1392fe3fb77fe0c1f1c7918c0b562351246285bd09

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 23:42:14 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
152566
x-amz-meta-width
600
x-cache
Hit from cloudfront
x-amz-meta-height
454
content-length
86365
last-modified
Mon, 12 Jul 2021 13:53:08 GMT
server
AmazonS3
etag
"51f149dadbb64f16d02a1d67e4fe898f"
x-amz-version-id
sb8mh286TYsuglEBIe0dGB_gmwCj_jvU
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
WqZuPrF7mskXpOr-Y55cPKJn5IXThJCgzXiCHvX3jCk4vk_9xLnNoA==
expires
Wed, 14 Jul 2021 13:53:07 GMT
Teaserbox_SUP_07-21_neu.jpg
cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/Teaserbox_SUP_07-21_neu.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0847df41f07f2cc3992577c0fa76baa5cc0be7316d6540aced66bbf63b7b3e0a

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 19:38:31 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
167189
x-amz-meta-width
600
x-cache
Hit from cloudfront
x-amz-meta-height
454
content-length
142755
last-modified
Fri, 16 Jul 2021 15:19:05 GMT
server
AmazonS3
etag
"65ef42c49c9aa3f0cc26178e7b8ce6d0"
x-amz-version-id
nNID77E9zNbHAcy37ebkSJlkiaHm8hXH
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
-zHmlmfcUMjMry40HPDYHIHNxW1NrvPVHseuhFz17cEYbPckhIUYXw==
expires
Sun, 18 Jul 2021 15:19:04 GMT
Teaserbox_Motorradhelme_07-21.jpg
cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/ 		143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/Teaserbox_Motorradhelme_07-21.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d734b64f83e6cc934b1a59d783cdded2734963880cebfbd9f510bae7bb33ebb

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 16:33:28 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
91892
x-amz-meta-width
600
x-cache
Hit from cloudfront
x-amz-meta-height
454
content-length
146729
last-modified
Fri, 09 Jul 2021 08:39:26 GMT
server
AmazonS3
etag
"5a7734ee25ea5357b60c5486ba08cade"
x-amz-version-id
5NyDcWzggspgMIXf4XR3jeoH6djD1nKy
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
hlSAm3H_NsEDbLJypfNdcpVhNYnpcgryecGMsvZFohkU7Qbml2bw7A==
expires
Sun, 11 Jul 2021 08:39:25 GMT
Startseite_Pools_07-21_DE_Web.jpg
cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/slideshow_2020/ 		717 KB
719 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/slideshow_2020/Startseite_Pools_07-21_DE_Web.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8c8b71831ef653a26b9d653c14cadd189914d0bf74f880b2ab478261b8ed8d1

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 08:17:26 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
35254
x-amz-meta-width
1170
x-cache
Hit from cloudfront
x-amz-meta-height
454
content-length
734675
last-modified
Fri, 09 Jul 2021 08:46:51 GMT
server
AmazonS3
etag
"0a8615f52eb11bc36a19620db9e03b2a"
x-amz-version-id
wcxoI3LJoZRs7Tvbvh1JPoRLBe7EgHz2
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
qJCxj9n3j3fR6rE5XfGZ_09dNnSn4s9D1GuIkRbNxshcDtdhc2md1Q==
expires
Sun, 11 Jul 2021 08:46:50 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1844237665864323&ev=PageView&dl=https%3A%2F%2Fwww.gonser.ch%2F&rl=&if=false&ts=1627322699939&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1627322699938.152204535&it=1627322699721&coo=false&rqm=GET
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:04:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 26 Jul 2021 18:04:59 GMT
/
ct.pinterest.com/user/ 		316 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614380707681&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1627322699952
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d48338735df35a1809a90ce6b18aa24ec4aed6b06ed9632a42ce7fd662910334

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
gzip
referrer-policy
origin
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.gonser.ch
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
pin-unauth
dWlkPU5XTTFZbVl6TVRVdFkyRmtZeTAwTkRjMkxUaGlZV010TXpGalpURTNNVEptTmpsbQ
x-pinterest-rid
1377685148892322
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
content-length
296
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614380707681&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.gonser.ch%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1627322699953
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
x-pinterest-rid
8208150098964247
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_category%22%3A%22%22%7D%5D%7D&tid=2614380707681&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.gonser.ch%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1627322699954
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
7
x-pinterest-rid
1212884421987990
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 17:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1627
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Mon, 26 Jul 2021 18:37:52 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-39673853-1&cid=2104288832.1627322700&jid=1953815819&gjid=391978196&_gid=494128201.1627322700&_u=aGDAgEALQAAAAE~&z=1496911987
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Jul 2021 18:05:00 GMT
content-type
text/plain
access-control-allow-origin
https://www.gonser.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&aip=1&a=1135557447&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gonser.ch%2F&ul=en-us&de=UTF-8&dt=Online%20Shop%20Gonser%20-%20Sicher%20%26%20G%C3%BCnstig%20einkaufen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALQ~&jid=1953815819&gjid=391978196&cid=2104288832.1627322700&tid=UA-39673853-1&_gid=494128201.1627322700&gtm=2wg7l1TP425ZH&z=1905089381
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 06:12:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
42733
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-39673853-1&cid=2104288832.1627322700&jid=1953815819&_u=aGDAgEALQAAAAE~&z=1421001525
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-39673853-1&cid=2104288832.1627322700&jid=1953815819&_u=aGDAgEALQAAAAE~&z=1421001525
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/md/ 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.80.84 Marseille, France, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
referrer-policy
origin
x-cdn
fastly
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
0
x-pinterest-rid
6380629721679038
expires
Sat, 01 Jan 2000 00:00:00 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.gonser.ch
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 22:08:26 GMT
x-content-type-options
nosniff
age
590194
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:26 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 22:08:26 GMT
utils.js
static.newsletter2go.com/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.newsletter2go.com/utils.js
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.243.111.209 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
bouncer.newsletter2go.com
Software
nginx /
Resource Hash
f6bc8489b1db408b87e08d302f51c012dc6dca9e28b8fc7cb3403409eb446baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Jul 2021 18:05:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding, Accept-Encoding
X-Fpm
default
Content-Type
application/javascript
X-Upstream
195.201.106.121:8207
Cache-Control
no-cache
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
X-XSS-Protection
1
lila.php
www.lacmp.net/ 		17 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.lacmp.net/lila.php?id=86MBShZOurqCGUFLLv5I&url=https%3A%2F%2Fwww.gonser.ch%2F&frameit=1&module=Profiling&event=PageView
Requested by
Host: tc.connects.ch
URL: https://tc.connects.ch/lila.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),
Reverse DNS
Software
nginx /
Resource Hash
543c163590faac5decdcea589bdce5c1c2b55162b91a3059ab0f9a4e802381ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
Velo-Mountainbike-MTB-fully-V-MTB-22-27--5-.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/12976/middle/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/12976/middle/Velo-Mountainbike-MTB-fully-V-MTB-22-27--5-.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
477b418ec8b0fc02ae467be4407df9ddd550e9e627eb8d2f6b64fad5872e7401

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 May 2021 13:17:28 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
5201252
x-amz-meta-width
450
x-cache
Hit from cloudfront
x-amz-meta-height
257
x-amz-meta-size
24075
content-length
24075
last-modified
Tue, 20 Apr 2021 01:35:25 GMT
server
AmazonS3
x-amz-meta-dirversion
4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag
"e626845efe6d895e48deda0c2f4edcc6"
x-amz-version-id
t5k3tLJduVQzff_ZNmtk9ROfRe0EjqyQ
cache-control
max-age=10368000
x-amz-cf-pop
FRA50-C1
content-type
image/jpeg
x-amz-meta-md5hash
e626845efe6d895e48deda0c2f4edcc6
x-amz-cf-id
JAk6Hn9cgvebQS6fndl6snxNirZozJmeq2hvmycX1uN3ezic0CIjxg==
Stand-Up-Paddle-SUP-Board-AQUA-320-cm--2--opt.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/12363/middle/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/12363/middle/Stand-Up-Paddle-SUP-Board-AQUA-320-cm--2--opt.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02434bfc0c6d0d266fe499523bc9d46415d75c9df3eb5c9787c1bb36e82105a4

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:47:44 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
8443037
x-amz-meta-width
326
x-cache
Hit from cloudfront
x-amz-meta-height
370
x-amz-meta-size
18792
content-length
18792
last-modified
Tue, 20 Apr 2021 00:19:30 GMT
server
AmazonS3
x-amz-meta-dirversion
4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag
"96aa054a2b783f9ff2fdb46a86154cf8"
x-amz-version-id
oo4lFE.u4Utbi52zC69vguHnjaS9MoLg
cache-control
max-age=10368000
x-amz-cf-pop
FRA50-C1
content-type
image/jpeg
x-amz-meta-md5hash
96aa054a2b783f9ff2fdb46a86154cf8
x-amz-cf-id
ypfjVK2yIBqa5O7AZvfJYmQ8ohK0QdxhOigOqdY6INRCaLUjZOKhLQ==
Gasgrill-BBQ-Grill-SIRIUS-4-1-Brenner--1-.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/11908/middle/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/11908/middle/Gasgrill-BBQ-Grill-SIRIUS-4-1-Brenner--1-.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37df6293d01948cb2fa1bc1de541ade389840163193b10e8c4393d71471a382c

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:33:31 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
8443890
x-amz-meta-width
392
x-cache
Hit from cloudfront
x-amz-meta-height
370
x-amz-meta-size
12405
content-length
12405
last-modified
Tue, 20 Apr 2021 00:19:21 GMT
server
AmazonS3
x-amz-meta-dirversion
4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag
"6132df44445cc16a0355771ab95b8289"
x-amz-version-id
flJUgmiXIwcDzxfPWp1z3tmHPC9NiOpH
cache-control
max-age=10368000
x-amz-cf-pop
FRA50-C1
content-type
image/jpeg
x-amz-meta-md5hash
6132df44445cc16a0355771ab95b8289
x-amz-cf-id
G1I-iz4wRy5Meza_qyKoRKrOwqudXOZlvxdGiyesxy0YjJ3FPKVweA==
Lounge-LILIANA-beige--9-.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/8881/middle/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/8881/middle/Lounge-LILIANA-beige--9-.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c05af5c304e7ce0aa3bc69d6371b73980cbf7877bfc416043eddbe97b08834f1

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Jun 2021 10:07:24 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
3398257
x-amz-meta-width
450
x-cache
Hit from cloudfront
x-amz-meta-height
295
x-amz-meta-size
24428
content-length
24428
last-modified
Thu, 17 Jun 2021 09:56:34 GMT
server
AmazonS3
x-amz-meta-dirversion
4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag
"d4a3303f7efe4aac707acabff210e154"
x-amz-version-id
HTcIVRClRT2lTEDgMKWdMublaXjB3BME
cache-control
max-age=10368000
x-amz-cf-pop
FRA50-C1
content-type
image/jpeg
x-amz-meta-md5hash
d4a3303f7efe4aac707acabff210e154
x-amz-cf-id
vyslUJjozCQz4hur3j0jS5MKsqzXIdi53SocQ2PVn25NE9N3mKbxqQ==
Palettenkissen-Moebel-Polster-Paletten-schwarz-opt--3-.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/8857/middle/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/8857/middle/Palettenkissen-Moebel-Polster-Paletten-schwarz-opt--3-.jpg
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
862edeac488ac7152f749e851bb3f33249fbd01eb8d35a1994eb0a6cad069a33

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 00:15:53 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
8444948
x-amz-meta-width
450
x-cache
Hit from cloudfront
x-amz-meta-height
300
x-amz-meta-size
24641
content-length
24641
last-modified
Tue, 20 Apr 2021 00:15:24 GMT
server
AmazonS3
x-amz-meta-dirversion
4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag
"7144cf3509c76607a0d00bb3182e59f7"
x-amz-version-id
8ZN4dzBli.C.buGgVVRyrN5HzC1yYOrx
cache-control
max-age=10368000
x-amz-cf-pop
FRA50-C1
content-type
image/jpeg
x-amz-meta-md5hash
7144cf3509c76607a0d00bb3182e59f7
x-amz-cf-id
ZyTdoSJZ6OEzVGH_t8EhbMNW7Gkyp4ues9WWVZgDnby5rLT_WZn4ew==
1032-PB262797.png
cdn10.plentymarkets.com/mrt54q44tptl/item/images/1032/middle/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/1032/middle/1032-PB262797.png
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-113.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2333f1fd0ef8f2624ec4419ec61a683829eb3cabc10782ae6e9212716c96ca3d

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 29 Apr 2021 13:40:08 GMT
via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
age
7619093
x-amz-meta-width
450
x-cache
Hit from cloudfront
x-amz-meta-height
310
x-amz-meta-size
151639
content-length
151639
last-modified
Tue, 20 Apr 2021 00:21:39 GMT
server
AmazonS3
x-amz-meta-dirversion
4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag
"7897eb34916536e50bfd2521e37126e3"
x-amz-version-id
KUr6kIvIm1P6XrAIe3Urqmt8eaILQAu5
cache-control
max-age=10368000
x-amz-cf-pop
FRA50-C1
content-type
image/png
x-amz-meta-md5hash
7897eb34916536e50bfd2521e37126e3
x-amz-cf-id
A6uwokw44eyws0sLkVIt7F6Kp_LsuORp1heXrEkjF3BylsHPfrG0TQ==
Cookie set retarget
ad.ad-srv.net/ Frame E08C
Redirect Chain
  • https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=
  • https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Requested by
Host: rcapitalone.com
URL: http://rcapitalone.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
9c5e1753a099d9ab1b517faa69d4e8aa6d6d35dee6bcb952aa7101b45ef3ae0b

Request headers

Host
ad.ad-srv.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gonser.ch/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
kdb0xdq3ls8m_uid=238b97f0ffe7ddf7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gonser.ch/

Response headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie
kdb0xdq3ls8m_uid=238b97f0ffe7ddf7; expires=Sun, 24-Oct-2021 18:05:00 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
559
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie
kdb0xdq3ls8m_uid=238b97f0ffe7ddf7; expires=Sun, 24-Oct-2021 18:05:00 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Location
?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame EA6C
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 07:34:37 GMT
server
nginx
etag
W/"60a21c8d-13e2b"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Mon, 26 Jul 2021 18:05:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
Cookie set retarget
hal9000.redintelligence.net/ Frame A1D0
Redirect Chain
  • https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=
  • https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Requested by
Host: rcapitalone.com
URL: http://rcapitalone.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
48a9635c90c2e857397074cc488f2ed173ea7b0084a32f827c3cabee958b8e88

Request headers

Host
hal9000.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.gonser.ch/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=a76a1c3549303838
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gonser.ch/

Response headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie
8lcfmzhxc8d6_uid=a76a1c3549303838; expires=Sun, 24-Oct-2021 18:05:00 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
761
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie
8lcfmzhxc8d6_uid=a76a1c3549303838; expires=Sun, 24-Oct-2021 18:05:00 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location
?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
xuxyim2w.js
ad4m.at/ Frame EA6C 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/xuxyim2w.js
Requested by
Host: rcapitalone.com
URL: http://rcapitalone.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6dabeb68d970ecdbe351596ba602370f72def0eed40e9c51dd6a37b38369954

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=m6N41w==, md5=D/q5q0YjJSWkKdrJCtN7+A==
date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
21125
x-guploader-uploadid
ABg5-UykmB_5jvW5uwdROyjsbSCSzkixpoNcCPiduF3Pr5_MBwYEBdIBd2HvyjCE3FtaLlh31hIiQdd8O5IQW4fXiL8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 14 Jun 2021 12:09:41 GMT
server
cloudflare
etag
W/"0ffab9ab46232525a429dac90ad37bf8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFITHhybIJ4bTTYvN1nA9%2BQ0rT%2BCs2si%2FqPPYEHKKUqx1XcYb51yGIyCOTV12M45ByqaqOfQDgax7rFRKUOwrHTNVFC3K%2F4gf88yJnmRWi00nx97dmxCUZ3OiCa5kwNZc%2F3bXrc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672581538669
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
12586
cf-ray
674f8dbc7e1a4e67-FRA
expires
Mon, 26 Jul 2021 12:12:55 GMT
pixie.js
acdn.adnxs.com/dmp/up/ Frame EA6C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Content-Encoding
gzip
Age
48376
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga13621-LGA, cache-fra19120-FRA
Access-Control-Allow-Origin
*
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.13.10
X-Timer
S1627322700.376086,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 10 Jun 2021 04:37:09 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 10544
frame.html
ad4m.at/ Frame 659A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/xuxyim2w.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.gonser.ch/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.gonser.ch/

Response headers

date
Mon, 26 Jul 2021 18:05:00 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Mon, 26 Jul 2021 19:05:00 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
162542
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5yeo%2F5HUmISUb8ehOyk6gTWwg36RKXIrjJcD%2FB%2FhkULCmu47cJfBkeYDBlCT%2BDSWREiujlVQRjCB%2FOMfRf1tEuCRXbn8%2Fh4mFtTXlcdJqKBHK0auDywMdK4XHc03C6GscNIQ54s%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
674f8dbd0fec4e67-FRA
content-encoding
br
/
adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1;~oref=https://www.gonser.ch/ Frame EA6C
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1?
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1?
  • https://adservice.google.com/ddm/fls/p/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1;~oref=https://www.gonser.ch/
  • https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1;~oref=https://www.gonser.ch/
42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1;~oref=https://www.gonser.ch/
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMzu-bupgfICFZaLsgodAmQGHw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1;~oref=https://www.gonser.ch/
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=h... Frame EA6C
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://adservice.google.com/ddm/fls/p/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=...
  • https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.gonser.ch/
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CKX0-bupgfICFRD_sgodVlQPLg;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.gonser.ch/
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=h... Frame EA6C
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
  • https://adservice.google.com/ddm/fls/p/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=...
  • https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.gonser.ch/
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://adservice.google.de/ddm/fls/p/gdpr=0;dc_pre=CMXz-bupgfICFY2LsgodjfENNQ;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.gonser.ch/
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
secure.adnxs.com/ Frame EA6C
Redirect Chain
  • https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent=
  • https://secure.adnxs.com/seg?add=19751009&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Jul 2021 18:05:00 GMT
X-Proxy-Origin
195.216.219.110; 195.216.219.110; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d96038de-d850-41a2-8b11-dc03d53a581a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Jul 2021 18:05:00 GMT
X-Proxy-Origin
195.216.219.110; 195.216.219.110; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
971b0313-f59e-443c-bda0-c5b9195c6a69
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D19751009%26t%3D2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1x1.gif
imagesrv.adition.com/ Frame EA6C
Redirect Chain
  • https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2
  • https://imagesrv.adition.com/1x1.gif
68 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagesrv.adition.com/1x1.gif
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
imagesrv.adition.com
Software
/
Resource Hash
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 26 Jul 2021 18:05:00 GMT
last-modified
Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges
bytes
etag
"3122740758"
content-length
68
content-type
image/gif

Redirect headers

location
https://imagesrv.adition.com/1x1.gif
date
Mon, 26 Jul 2021 20:05:00 +0200
server
ADITIONSERVER v1.0
access-control-allow-origin
*
content-type
text/plain
p3p
policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
bh.gif
saxp.zedo.com/img/ Frame EA6C
Redirect Chain
  • https://secure.converto.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1
  • https://saxp.zedo.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1
43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://saxp.zedo.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.151.126.25 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-151-126-25.us-west-1.compute.amazonaws.com
Software
Zedo4G /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:05:01 GMT
Server
Zedo4G
Vary
Accept-Encoding
P3P
CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
transfer-encoding
chunked
Connection
keep-alive
Content-Type
image/gif
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://saxp.zedo.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1
Date
Mon, 26 Jul 2021 18:05:30 GMT
Server
Apache
Connection
keep-alive
Content-Length
274
Content-Type
text/html; charset=iso-8859-1
pixie
ib.adnxs.com/ Frame EA6C 		42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=LandingPage&pi=723d7929-7096-474f-8687-5dbfeca03f13&it=1627322700388&v=0.0.20&u=https%3A%2F%2Fwww.gonser.ch%2F&st=1627322700387&et=1627322700388&if=1
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
195.216.219.110; 195.216.219.110; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
Content-Length
42
Content-Type
image/gif
js
pixel.mathtag.com/event/ Frame A1D0 		597 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1472281&mt_adid=236480&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3810 5cb7d7e master zrh-pixel-x31 /
Resource Hash
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer
https://hal9000.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Mon, 26 Jul 2021 18:04:59 GMT
trackpoint-async.js
s2.adform.net/banners/scripts/st/ Frame A1D0
Redirect Chain
  • https://track.adform.net/serving/scripts/trackpoint/async/
  • https://s2.adform.net/banners/scripts/st/trackpoint-async.js
80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5

Request headers

Referer
https://hal9000.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 07:34:37 GMT
server
nginx
etag
W/"60a21c8d-13e2b"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript

Redirect headers

location
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date
Mon, 26 Jul 2021 18:05:00 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/html
activityi;dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023
5994599.fls.doubleclick.net/ Frame F050
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023?
503 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023?
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
c5f61b484643b50b49f299442c1a65a384f2e584dd6818c25340a1ababfd65f4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hal9000.redintelligence.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://hal9000.redintelligence.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jul 2021 18:05:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
387
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 26-Jul-2021 18:20:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jul 2021 18:05:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
insight.adsrvr.org/track/pxl/ Frame E08C 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=4m1sxse&ct=0:neqwpmy&fmt=4&gdpr=0&gdpr_consent=
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.127.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-127-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
bounce
secure.adnxs.com/ Frame E08C
Redirect Chain
  • https://secure.adnxs.com/seg?add=24823586&t=2&gdpr=0&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24823586%26t%3D2%26gdpr%3D0%26gdpr_consent%3D
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24823586%26t%3D2%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Jul 2021 18:05:00 GMT
X-Proxy-Origin
195.216.219.110; 195.216.219.110; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a95c2f4f-61e1-4b59-b2eb-a6e00d2a1e8f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Jul 2021 18:05:00 GMT
X-Proxy-Origin
195.216.219.110; 195.216.219.110; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
27fdff45-2cc5-40c8-8348-188122f0b715
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24823586%26t%3D2%26gdpr%3D0%26gdpr_consent%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rt.php
www.usemax.de/ Frame E08C 		232 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.usemax.de/rt.php?campaign_id=49594&place=&product_id=&category_id=&tp=1&gdpr=0&gdpr_consent=
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.48.120.130 Lübeck, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash
67ae1d33ad18ced3dfe2a12dce0e5a8b176196832c1b3462f803e00219547de4

Request headers

Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Content-Encoding
gzip
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Vary
Accept-Encoding
P3P
CP="NOI DEVa TAIa OUR BUS UNI"
Connection
Keep-Alive
Content-Type
application/javascript
Keep-Alive
timeout=3, max=70
Content-Length
197
activityi;dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041
4780959.fls.doubleclick.net/ Frame A7A6
Redirect Chain
  • https://4780959.fls.doubleclick.net/activityi;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041?
  • https://4780959.fls.doubleclick.net/activityi;dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_cons...
521 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4780959.fls.doubleclick.net/activityi;dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041?
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
16cc49f81df79c07e6363e69994df3e0890339961e46cba5bdb560debf0805da
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4780959.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad.ad-srv.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.ad-srv.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jul 2021 18:05:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
399
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 26-Jul-2021 18:20:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jul 2021 18:05:00 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4780959.fls.doubleclick.net/activityi;dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1844237665864323&ev=Microdata&dl=https%3A%2F%2Fwww.gonser.ch%2F&rl=&if=false&ts=1627322700442&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Online%20Shop%20Gonser%20-%20Sicher%20%26%20G%C3%BCnstig%20einkaufen%22%2C%22meta%3Adescription%22%3A%22Grosse%20Auswahl%20an%20Velos%2C%20Haushaltsbedarf%20%26amp%3B%20vieles%20mehr.%20%C3%9Cber%20500%26%23039%3B000%20zufriedene%20Kunden.%20Gratis%20Versand%20%26amp%3B%20Tiefstpreisgarantie.%20Jetzt%20vorbeischauen!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Online%20Shop%20Gonser%20-%20Sicher%20%26%20G%C3%BCnstig%20einkaufen%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.gonser.ch%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn10.plentymarkets.com%2Fmrt54q44tptl%2Fplugin%2F80%2Fceres%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gonser.ch%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.gonser.ch%2Fsearch%2F%3Fquery%3D%7Bsearch_term%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1627322699938.152204535&it=1627322699721&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Jul 2021 18:05:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Mon, 26 Jul 2021 18:05:00 GMT
img
pixel.mathtag.com/misc/ Frame A1D0 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3810 5cb7d7e master zrh-pixel-x25 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://hal9000.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 2021 18:04:59 GMT
/
track.adform.net/Serving/TrackPoint/ Frame EA6C
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=779282954390&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=779282954390&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F
104 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=779282954390&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F
Requested by
Host: www.gonser.ch
URL: https://www.gonser.ch/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fc1228b3caba9cc6d5a2169399a3d14838abc607f24b3d07f5ed080b60a62ac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.gonser.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
179
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=779282954390&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
/
track.adform.net/Serving/TrackPoint/ Frame A1D0
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=157940794073&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.gonser.ch%2F&ADFtpmode...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=157940794073&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.gonser.ch%2F&ADFt...
111 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=157940794073&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.gonser.ch%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D11571%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal9000.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
186
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=157940794073&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.gonser.ch%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D11571%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
Cookie set rt.php
www.usemaxserver.de/ Frame 5ADE 		0
564 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.usemaxserver.de/rt.php?ext_i=1861786487&ext_domain=1
Requested by
Host: www.usemax.de
URL: https://www.usemax.de/rt.php?campaign_id=49594&place=&product_id=&category_id=&tp=1&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.48.120.130 Lübeck, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS
Software
Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
www.usemaxserver.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ad.ad-srv.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad.ad-srv.net/

Response headers

Date
Mon, 26 Jul 2021 18:05:00 GMT
Server
Apache/2.4.25 (Debian)
X-Powered-By
PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
P3P
CP="NOI DEVa TAIa OUR BUS UNI"
Set-Cookie
um_rt=1861786487; expires=Tue, 26-Jul-2022 18:05:00 GMT; Max-Age=31536000; path=/; SameSite=None; domain=usemaxserver.de; secure ident_v=1; expires=Tue, 26-Jul-2022 18:05:00 GMT; Max-Age=31536000; path=/; SameSite=None; domain=usemaxserver.de; secure
Content-Length
0
Keep-Alive
timeout=3, max=70
Connection
Keep-Alive
Content-Type
text/html
src=9949552;dc_pre=CIaBgLypgfICFY2lsgodaxYDWg;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1143524561857.703
adservice.google.com/ddm/fls/z/ Frame E08C
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=9949552;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1143524561857.703?
  • https://ad.doubleclick.net/ddm/activity/src=9949552;dc_pre=CIaBgLypgfICFY2lsgodaxYDWg;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord...
  • https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CIaBgLypgfICFY2lsgodaxYDWg;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CIaBgLypgfICFY2lsgodaxYDWg;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1143524561857.703
Requested by
Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Jul 2021 18:05:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CIaBgLypgfICFY2lsgodaxYDWg;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1143524561857.703
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
adservice.google.com/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=673120... Frame BA85 		520 B
887 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041;~oref=https://ad.ad-srv.net/
Requested by
Host: 4780959.fls.doubleclick.net
URL: https://4780959.fls.doubleclick.net/activityi;dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf23fa4d62bf65b155d983935c6373ce328a3d6da784bd983bbac97e5559dd2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041;~oref=https://ad.ad-srv.net/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4780959.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4780959.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jul 2021 18:05:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
397
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adservice.google.com/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal900... Frame F9EF 		502 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal9000.redintelligence.net/
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7327a3c74583b825c8e96f5b106cf649721fc52f22c7e7da14586309ccdf36e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal9000.redintelligence.net/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://5994599.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://5994599.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jul 2021 18:05:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
387
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
adservice.google.de/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209... Frame 5624 		194 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041;~oref=https://ad.ad-srv.net/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041;~oref=https://ad.ad-srv.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CJX1-bupgfICFYom0wodlQYLTg;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=6731209217099.041;~oref=https://ad.ad-srv.net/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jul 2021 18:05:00 GMT
expires
Mon, 26 Jul 2021 18:05:00 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
adservice.google.de/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal9000... Frame A5B4 		194 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal9000.redintelligence.net/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal9000.redintelligence.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CMiG_bupgfICFY3UUQodQvoO8Q;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4908029149926.023;~oref=https://hal9000.redintelligence.net/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 26 Jul 2021 18:05:00 GMT
expires
Mon, 26 Jul 2021 18:05:00 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
img
pixel.mathtag.com/misc/ Frame A1D0 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3810 5cb7d7e master cdg-pixel-x5 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://hal9000.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Jul 2021 18:05:10 GMT
Server
MT3 3810 5cb7d7e master cdg-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 2021 18:08:04 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ConsentManager function| loadCSS object| dataLayer object| __INITIAL_STATE__ object| App object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| _lea object| uetq function| pintrk function| fbq function| _fbq object| webpackJsonp function| setImmediate function| clearImmediate function| jQuery function| $ object| CeresMain object| CeresNotification function| createApp function| Vue object| Vuex object| NotificationService function| ceresTranslate object| vueEventHub object| ceresStore string| feedbackPublicPath object| webpackChunkplentymarkets_feedback object| noUiSlider function| handleSmartSuggestClick function| handleSearchQuery function| flSearchSubmitEventHandler function| flRevealContainers function| SVGInjector string| pslang undefined| onloadCallback undefined| verified function| changeItemAlert function| remain function| addImage function| changetxt function| searchFilter object| vueApp object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push function| ready object| lea object| flRequireObject function| flRequire function| flDefine object| _this object| AWIN object| google_optimize string| Newsletter2GoTrackingObject function| n2g string| lea_param_name string| lea_cookie_name string| lea_cookie_name_pv object| lea_ca string| lea_res number| lea_type string| c undefined| expiresIn undefined| expiresInPv number| setSameSiteAttr object| browsers string| userbrowser string| useragent number| setcookie object| raw number| version object| lea_regex object| lea_results string| lea_sid undefined| secure_tracking undefined| yyyy1 undefined| mm1 undefined| dd1 undefined| hh1 undefined| ss1 undefined| msms1 undefined| clickId undefined| cookie_set_date undefined| res_klickzeit undefined| split undefined| existing_cookie_date undefined| yyyy undefined| mm undefined| dd undefined| hh undefined| ss undefined| msms undefined| actual_date undefined| lea_d undefined| runtime undefined| cookie_expires_date undefined| cookie_expires_date_instance string| lea_test undefined| tcstring function| determineAdroxAssignedParameter function| playoutPixels number| random object| leaDeleteArray object| utilToUse

10 Cookies

Domain/Path Name / Value
.gonser.ch/ Name: _pin_unauth
Value: dWlkPU5XTTFZbVl6TVRVdFkyRmtZeTAwTkRjMkxUaGlZV010TXpGalpURTNNVEptTmpsbQ
.gonser.ch/ Name: _dc_gtm_UA-39673853-1
Value: 1
.gonser.ch/ Name: _fbp
Value: fb.1.1627322699938.152204535
.gonser.ch/ Name: _uetvid
Value: fe06c250ee3b11eb8bef533427b36760
.gonser.ch/ Name: _uetsid
Value: fe0687d0ee3b11eb931531ea3f3d1cf1
.gonser.ch/ Name: plentyID
Value: eyJpdiI6Ino3YlBoejFUR0tTb0RmaURnWU9UcEE9PSIsInZhbHVlIjoiUytZYkg4aUpnTXV1dzFINGhlYWozUis5RWp0c1dFYitQNVFUVUNrUlczWnJ1SEtjZzBoWnBITHRYY1hnR0tJayIsIm1hYyI6Ijc4OGQ1OTdhYWE3MTRlNDdkN2Q3YmRhMGU0MzI2ZDU4ZDIzYzBiZWYwOWZhZThjY2E3YWExNzEzNjZkYjkzM2YifQ%3D%3D
.gonser.ch/ Name: _ga
Value: GA1.2.2104288832.1627322700
.gonser.ch/ Name: _gid
Value: GA1.2.494128201.1627322700
www.gonser.ch/ Name: showChat
Value: true
.gonser.ch/ Name: _gcl_au
Value: 1.1.1204730289.1627322699

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4780959.fls.doubleclick.net
5994599.fls.doubleclick.net
acdn.adnxs.com
ad.ad-srv.net
ad.doubleclick.net
ad11.adfarm1.adition.com
ad4m.at
adservice.google.com
adservice.google.de
bat.bing.com
cdn.findologic.com
cdn.jsdelivr.net
cdn02.plentymarkets.com
cdn10.plentymarkets.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
fonts.gstatic.com
gonser-services.ch
hal9000.redintelligence.net
ib.adnxs.com
imagesrv.adition.com
insight.adsrvr.org
pixel.mathtag.com
r.adserver01.de
rcapitalone.com
s.pinimg.com
s2.adform.net
s3-eu-west-1.amazonaws.com
saxp.zedo.com
secure.adnxs.com
secure.converto.com
static.newsletter2go.com
stats.g.doubleclick.net
tc.connects.ch
track.adform.net
v4.s.arclk.net
vipaffnetwork.com
www.dwin1.com
www.facebook.com
www.gonser.ch
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.lacmp.net
www.usemax.de
www.usemaxserver.de
13.224.111.53
136.243.111.209
142.250.186.70
143.204.98.113
144.76.104.53
151.101.13.108
18.193.33.191
184.30.20.207
185.33.220.242
199.232.80.84
212.48.120.130
212.83.50.108
216.58.212.166
217.79.188.11
23.82.12.29
2600:9000:20c8:8a00:f:8ce2:fb80:93a1
2606:4700:20::681a:ad1
2606:4700::6810:125e
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:801::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9c
2a01:ab20:0:203::52
2a02:26f0:6c00:28f::1931
2a02:6ea0:c700::10
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:3::485
3.120.64.70
3.125.239.17
34.254.127.126
37.157.2.248
37.157.4.23
52.218.96.90
52.45.37.82
54.151.126.25
78.46.90.238
84.200.5.215
85.114.159.112
010cef1e54b072ce90408423f0994e332cccdfbdeb2422e363587896fdda487c
02434bfc0c6d0d266fe499523bc9d46415d75c9df3eb5c9787c1bb36e82105a4
028ebb9e7486ff4dfe159a084de6239ad17b4e9a21ed2816a4a84b73a84d5794
02b759110fa13dd2202678b58470ada3e1b7d7f147fbab290e77efb75574ca1b
02f7d7fb801e94b815c14e6a1d8fa55f86833936973908427a55da5264314233
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0847df41f07f2cc3992577c0fa76baa5cc0be7316d6540aced66bbf63b7b3e0a
0a306526fc6a2c25361cccc5ba74de9592c51c225daa00e81e2fea18959d4499
0ca889ef77939a842e23efde134019e4bc994afe490d495e3ae775acb8dd41e4
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1309ba224b27bc03db61a1f96b80571423a4241e03a98502d0f67d05ab440845
16cc49f81df79c07e6363e69994df3e0890339961e46cba5bdb560debf0805da
17d47be4f32ff31db9a41ed7da11997f7e0d935ca1f47d9efec061400c10e191
1d734b64f83e6cc934b1a59d783cdded2734963880cebfbd9f510bae7bb33ebb
2194a482d5318ea04b18c274ec9bfe99a8c71bb9897e802063e7e849557e8d23
2333f1fd0ef8f2624ec4419ec61a683829eb3cabc10782ae6e9212716c96ca3d
263d71d257e8ffa6aeed6dcc1a9b6fe88b61d38c13181eb00115ced54d4a918a
2a5715197eb96bb39f8f4efe44343adb47b1fdaab45e7da970d1afa38448ea50
2af505d99554bee3bbfe9ebf71be261d559ec6bf2bbbae45627d4319d3885a4f
2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883
2f4d50f618f6f5032092dd26b657cf38ed1319a37ebea8d4bd89670ab144f891
3081b46bc8f9e2c48b646c68161d43b34b0b43ccb69b1213f8c83770db4b498a
311207503f25950d9a29e5c41598611f3b873bba2c758e377a46d19f685e37f2
337dbd90c2e418ac7fafe28d235369f22405c35e33caf0a04b769375bf34e030
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
35a394e3e8588a37b93cb0c4f06d5c7b18d288059dc30f57cba2785f18d85d20
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37df6293d01948cb2fa1bc1de541ade389840163193b10e8c4393d71471a382c
3a20d7d126f2764f575487ba49d6a3446cafb5225520bb36cd8d463dd33fdf3a
3a831b2949d080b9ab402c2c968b99590a24b0bc2177c3de548bb318bd96689d
3b7ba2dc023b6c418c8738942790dba9929b6833e3eab86c544520c586af2bf9
3e0d5acb2b973bf4242ceb722e72fd779885a881181de770e969e2b6e81bc617
3f27849fbcb7ec27f0e71094e146f71be03c431f73a8c9c021a4462a39df5a22
477b418ec8b0fc02ae467be4407df9ddd550e9e627eb8d2f6b64fad5872e7401
483f498432e2432f9878924f6103c26d3ecf1a71a973ced38d9bec843cfe0297
48a9635c90c2e857397074cc488f2ed173ea7b0084a32f827c3cabee958b8e88
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e254b61797b75a22053a73bfd30fc984d0e883be81edac8e58fae3b60862a62
543c163590faac5decdcea589bdce5c1c2b55162b91a3059ab0f9a4e802381ee
57809464d54046b0288d0dd158529b275867d4bb425cf385696241bc955bff0b
5addb050e7fe474684bcb62d5bc8717ab681735dce2d2539631a08d570cf81a5
5ede3c4f041fb4473fc7952139f0297291d6b3bbeecbe45d2872b8f404bdf2ad
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
63238449f8169563732e486bbd85aa432a13e68d06be671475d9c33b83f0dd79
6778fd369b4a1b47e6c5562fda6bc22caf95b51797f3979821189bbcd391bcc0
67ae1d33ad18ced3dfe2a12dce0e5a8b176196832c1b3462f803e00219547de4
6824695692a6ccb50cd16bfce8cbcc2a1c6e6e1adf3578ce9e6b423106414157
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6bad27d578e5780e745238f567a9e6722581165379fe9247ac1c72dfa5f6fd38
6c119d5fc36ce5d1e12c4c3a0320e697b58c055d29b0dc47aba89051fdc37e03
6e9e8d16e703a71a0020912bb5435e8af2e5b41bbd4661905471f84dfb52e1d3
7327a3c74583b825c8e96f5b106cf649721fc52f22c7e7da14586309ccdf36e1
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7fe28f84ad581c157ae81e5c7fecdf43b432125346a62d1934f0e8aeac3c8988
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83468bb226c56ef89a563ae2f82aa6a1fda6df138f29f6b75d96b625314449bc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85baa67b6e630a446f4bd1fcd8db03e23268c2f7af7171b3c011a0107b4e5765
862edeac488ac7152f749e851bb3f33249fbd01eb8d35a1994eb0a6cad069a33
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87a2f8365c65b08bc824cecca8cefe071bbb0312957d3842b0557b3dbaed3fff
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dde7642317527d6dd668d57927c31dff526df704ca50c385fe3a1247a8954db
8ee5517ab0e70d747f3cf7de5ce07bab4e9553eac8b8b51a1315c743791af92d
947951174878bc8d9920a398fe46eb50b5a0a3d813a74a78dd5e1a630452bec6
9c17f7641c292d904bc694ca5582287de651a98b873434862099959d0d912ef5
9c5e1753a099d9ab1b517faa69d4e8aa6d6d35dee6bcb952aa7101b45ef3ae0b
a050aed6f8e71c085e46e39ebe7f7ed33e1b0e3f53475e4c638b2940180791d4
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a63b3df48e6193080845e91dd87d70089a450c7328f33c069c9188a0e7b088b6
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
aef742e31e88844b1b8b60d1aa18e1582d38cb6a538326c39058c658177967a7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1974d0b9dc67edf874db9385bb98dc9f1509cf047f188a624eeaf3616541647
bafa38e691539928bf93936e48240e22e36c288496ec7bcda16a8b090095bb57
bbb9aec1d8e82301b7ad4ebc4ffce0b3a638d73f0f612383713b24e15bdc10df
bc7beb73e08550fcbfc6f0db5425506d50d927b8165192e4a962bf18a7db13c1
bf8a064b8c8a3aef03577d6da7abea971ed35c2bbfc32a62d3b5ffcf55488058
c05af5c304e7ce0aa3bc69d6371b73980cbf7877bfc416043eddbe97b08834f1
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c5f61b484643b50b49f299442c1a65a384f2e584dd6818c25340a1ababfd65f4
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
cf23fa4d62bf65b155d983935c6373ce328a3d6da784bd983bbac97e5559dd2b
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d3322d34e84d3827dc942b20698f825e460f2cb09a03f2b9e4c3f26342240ad1
d48338735df35a1809a90ce6b18aa24ec4aed6b06ed9632a42ce7fd662910334
da368b7786e3efee5e45bc696c9ba59ef0b48cb3ef8e1857ce0ab00a82a16703
df0dcb80ddf134111f08bb1baf4bd246e3f0375ed929e8693959d42e0abd6e8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6dabeb68d970ecdbe351596ba602370f72def0eed40e9c51dd6a37b38369954
e73650214d93916d52f4bf2bcff3459dcd9970aa3509f594e7a5c7f88d22728e
e8c8b71831ef653a26b9d653c14cadd189914d0bf74f880b2ab478261b8ed8d1
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f1175e1d344211f15df50d1392fe3fb77fe0c1f1c7918c0b562351246285bd09
f58ace84e88735de6302205e795e8e425f9ba4ced96a12a5867148a5c964acfb
f6bc8489b1db408b87e08d302f51c012dc6dca9e28b8fc7cb3403409eb446baf
fc1228b3caba9cc6d5a2169399a3d14838abc607f24b3d07f5ed080b60a62ac4
ff36b2633a5ce23554fd118695792abdd092fa80b1b6099e72685af263f8c2e9