www.padea.ch Open in urlscan Pro
2001:1600:4:13:1a66:daff:feaf:fceb Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://padea.ch/
Effective URL:
https://www.padea.ch/
Submission: On November 24 via api (November 24th 2024, 2:08:00 am UTC) from CH — Scanned from CH

Summary HTTP 41 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 10 domains to perform 41 HTTP transactions. The main IP is 2001:1600:4:13:1a66:daff:feaf:fceb, located in Switzerland and belongs to Infomaniak-AS Infomaniak Network SA, CH. The main domain is www.padea.ch.
TLS certificate: Issued by R10 on November 12th 2024. Valid for: 3 months.

This is the only time www.padea.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	2001:1600:4:1... 2001:1600:4:13:1a66:daff:feaf:fceb	29222 (Infomania...) (Infomaniak-AS Infomaniak Network SA)
2	2606:4700:10:... 2606:4700:10::6816:455f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:d0ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
3	172.67.22.83 172.67.22.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
41	15

16 2001:1600:4:13:1a66:daff:feaf:fceb (Switzerland) 1 redirects

ASN29222 (Infomaniak-AS Infomaniak Network SA, CH)

padea.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.padea.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:455f (United States)

ASN13335 (CLOUDFLARENET, US)

static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d0ad (United States)

ASN13335 (CLOUDFLARENET, US)

hello.myfonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.22.83 (United States)

ASN13335 (CLOUDFLARENET, US)

core.service.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
storage.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	padea.ch 1 redirects padea.ch www.padea.ch	222 KB
5	elfsight.com static.elfsight.com — Cisco Umbrella Rank: 14225 core.service.elfsight.com — Cisco Umbrella Rank: 15036 storage.elfsight.com — Cisco Umbrella Rank: 15458	502 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	3 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	87 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	229 KB
2	google.ch www.google.ch — Cisco Umbrella Rank: 31394	562 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	74 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96
1	myfonts.net hello.myfonts.net — Cisco Umbrella Rank: 10851	352 B
41	10

	Domain	Requested by
15	www.padea.ch	www.padea.ch
3	www.googletagmanager.com	www.padea.ch www.googletagmanager.com
2	storage.elfsight.com	static.elfsight.com
2	www.google.ch	www.padea.ch
2	td.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.facebook.com	www.padea.ch
2	www.google.com	1 redirects www.padea.ch
2	connect.facebook.net	www.padea.ch connect.facebook.net
2	static.elfsight.com	www.padea.ch static.elfsight.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googleadservices.com	www.padea.ch
1	core.service.elfsight.com	static.elfsight.com
1	hello.myfonts.net	www.padea.ch
1	padea.ch	1 redirects
41	16

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.facebook.com
instagram.com

Subject Issuer	Validity	Valid
padea.ch R10	`2024-11-12` - `2025-02-10`	3 months	crt.sh
static.elfsight.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.myfonts.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-09` - `2025-09-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-02` - `2024-12-01`	3 months	crt.sh
elfsight.com WE1	`2024-10-05` - `2025-01-04`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.ch WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.padea.ch/
Frame ID: 0C46C1C4E95F681774F75FC205F70F47
Requests: 37 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.padea.ch
Frame ID: 7F763B0EB72693BADBA2BD5141DA380A
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-DKJFS6KPCX&gacid=1977373130.1732414072&gtm=45je4bk0v9109255370z8830646281za200zb830646281&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=150129618
Frame ID: 48A2634D21E64E7175B58697FCA80FE7
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11138707571?random=1732414072597&cv=11&fst=1732414072597&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v9109255370z8830646281za200zb830646281&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.padea.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Accueil&npa=0&pscdl=noapi&auid=2075760402.1732414072&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: A73008548511A14F4C7F675160D99927
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accueil

Page URL History Show full URLs

https://padea.ch/ HTTP 301
https://www.padea.ch/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

41
Requests

90 %
HTTPS

57 %
IPv6

10
Domains

16
Subdomains

15
IPs

4
Countries

1031 kB
Transfer

12980 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkedin.com/company/padea-solutions-financi%C3%A8res/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/padea.ch/

Search URL Search Domain Scan URL

URL: https://instagram.com/padea.sa

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://padea.ch/ HTTP 301
https://www.padea.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Fwww.padea.ch%2F&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=1683731593.1732414072&auid=2075760402.1732414072&npa=0&gtm=45He4bk0v830646281za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732414072140&tfd=977&apve=1 HTTP 302
https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=2075760402.1732414072&url=https%3A%2F%2Fwww.padea.ch%2F&ref=www.google.com&tfd=977&tft=1732414072140&frm=0&gtm=45He4bk0v830646281za200&tag_exp=101925629~102067555~102067808~102077855~102081485&apve=1&gcd=13l3l3l3l1l1&dma=0&npa=0

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.padea.ch/
Redirect Chain

https://padea.ch/
https://www.padea.ch/

12 KB
4 KB

308ms
263ms

Document
text/html

2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

6806be4ca85779dc8840188489904563ab0c8b989e43e7180366f210bf4a47af

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 24 Nov 2024 02:07:51 GMT
server: Apache
strict-transport-security: max-age=16000000
vary: Accept-Encoding
x-flow-powered: Flow/7.3 Neos/7.3

Redirect headers

cache-control: max-age=0
content-length: 229
content-type: text/html; charset=iso-8859-1
date: Sun, 24 Nov 2024 02:07:51 GMT
expires: Sun, 24 Nov 2024 02:07:51 GMT
location: https://www.padea.ch/
server: Apache
strict-transport-security: max-age=16000000

GET
H2 200 Main.css
www.padea.ch/_Resources/Static/Packages/TC.Padea/Styles/ 252 KB
36 KB 45ms
45ms Stylesheet
text/css 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Styles/Main.css?bust=afd308ba?1731936216

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

54c75cb37e055958aca166a5b2e970a03cbb806a5f3ae3b0cf2a8d242f023c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=31536000
content-encoding: gzip
etag: "3f065-600e5c19938ac-gzip"
expires: Mon, 24 Nov 2025 02:07:51 GMT
accept-ranges: bytes
content-length: 36294
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Thu, 20 Jul 2023 07:04:15 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 jquery.reject.css
www.padea.ch/_Resources/Static/Packages/TC.Padea/Libraries/jReject/ 2 KB
1 KB 25ms
25ms Stylesheet
text/css 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Libraries/jReject/jquery.reject.css?bust=9adb47c2?1731936216

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

22ced0aa47b8ffc3869274b56e2d3c2edd778d3b7b8de15358a7c645f32b0b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=31536000
content-encoding: gzip
etag: "830-594ee1688849d-gzip"
expires: Mon, 24 Nov 2025 02:07:51 GMT
accept-ranges: bytes
content-length: 813
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Tue, 15 Oct 2019 07:39:44 GMT
vary: Accept-Encoding
server: Apache
content-type: text/css

GET
H2 200 PADEA_logo_2021.png
www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/ 4 KB
4 KB 22ms
22ms Image
image/png 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/PADEA_logo_2021.png?bust=feb86d01

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

f13a089736588e7252c6cfceab7827c9a9ae05185106c24c4d7aafa431111b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=2592000
etag: "f2a-5bed002c650de"
expires: Tue, 24 Dec 2024 02:07:51 GMT
accept-ranges: bytes
content-length: 3882
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Wed, 31 Mar 2021 07:24:52 GMT
content-type: image/png
server: Apache

GET
H2 200 PADEA_logo_2021_rouge.png
www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/ 2 KB
2 KB 23ms
23ms Image
image/png 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/PADEA_logo_2021_rouge.png?bust=e16818c2

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

e03e45ec91d4be23952b1f7778f763e11ce8fcc86be34e38afa45d7bce4fa380

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=2592000
etag: "911-5c4f0516eabbc"
expires: Tue, 24 Dec 2024 02:07:51 GMT
accept-ranges: bytes
content-length: 2321
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Thu, 17 Jun 2021 06:28:40 GMT
content-type: image/png
server: Apache

GET
H2 200 linkedin.svg
www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Icons/ 619 B
831 B 23ms
23ms Image
image/svg+xml 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Icons/linkedin.svg?bust=c874d165

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

8c2044d0e6bb14006f8b692ec5885970e1a3f1312a77106bce516ccf69ddb407

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=2592000
etag: "26b-5cd72f636fafb"
expires: Tue, 24 Dec 2024 02:07:51 GMT
accept-ranges: bytes
content-length: 619
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Sun, 03 Oct 2021 13:42:04 GMT
content-type: image/svg+xml
server: Apache

GET
H2 200 facebook.svg
www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Icons/ 534 B
746 B 22ms
21ms Image
image/svg+xml 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Icons/facebook.svg?bust=b83d4377

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

1622361ff9bc0f20a5407d4e39f267a7b09ad189b626c8d8636e01fec2e6f83b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=2592000
etag: "216-5cd72f636fafb"
expires: Tue, 24 Dec 2024 02:07:51 GMT
accept-ranges: bytes
content-length: 534
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Sun, 03 Oct 2021 13:42:04 GMT
content-type: image/svg+xml
server: Apache

GET
H2 200 instagram.svg
www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Icons/ 790 B
1002 B 21ms
21ms Image
image/svg+xml 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Icons/instagram.svg?bust=519a8f40

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

5472235e7b8bebe78db7a675043001adaceb19d537242e597e4598d15d4e6ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=2592000
etag: "316-5cd72f636fafb"
expires: Tue, 24 Dec 2024 02:07:51 GMT
accept-ranges: bytes
content-length: 790
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Sun, 03 Oct 2021 13:42:04 GMT
content-type: image/svg+xml
server: Apache

GET
H2 200 platform.js Show response
static.elfsight.com/platform/ 48 KB
17 KB 110ms
35ms Script
application/javascript 2606:4700:10::6816:455f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

x-envoy-upstream-healthchecked-cluster
content-encoding: gzip
cf-cache-status: HIT
etag: W/"9cb6cdfa853ae05f7abcff41c1cfd0af"
age: 3385
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 02:07:51 GMT
x-rgw-object-type: Normal
content-type: application/javascript
last-modified: Tue, 11 Jun 2024 05:32:12 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
strict-transport-security: max-age=0
cache-control: max-age=3600
speculation-rules: "/cdn-cgi/speculation"
x-amz-request-id: tx000009816f5853648b0a3-006698eb70-5ac52b6e-sfo2a
cf-ray: 8e75d90d2f269177-FRA
server: cloudflare

GET
H2 200 Libraries.min.js Show response
www.padea.ch/_Resources/Static/Packages/TC.Padea/JavaScript/ 305 KB
93 KB 33ms
33ms Script
application/javascript 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/JavaScript/Libraries.min.js?bust=74250ef6?1731936217

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

e408f6305c3c9230d420dcea146a70be0a9d0b2317931878a4c20f355f70e593

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=31536000
content-encoding: gzip
etag: "4c3f4-594ee1688461d-gzip"
expires: Mon, 24 Nov 2025 02:07:51 GMT
accept-ranges: bytes
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Tue, 15 Oct 2019 07:39:44 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 Application.min.js Show response
www.padea.ch/_Resources/Static/Packages/TC.Padea/JavaScript/ 7 KB
3 KB 29ms
29ms Script
application/javascript 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/JavaScript/Application.min.js?bust=33af9423?1731936217

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

8908c8ac5493e362023e97f44f7627a065159614d27cef0966802e171a6d3b94

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=31536000
content-encoding: gzip
etag: "1c36-600e5c199290c-gzip"
expires: Mon, 24 Nov 2025 02:07:51 GMT
accept-ranges: bytes
content-length: 2607
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Thu, 20 Jul 2023 07:04:15 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 nwt.mailobfuscation.min.js Show response
www.padea.ch/_Resources/Static/Packages/Networkteam.Neos.MailObfuscator/Scripts/ 354 B
520 B 25ms
24ms Script
application/javascript 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Static/Packages/Networkteam.Neos.MailObfuscator/Scripts/nwt.mailobfuscation.min.js?bust=a8608126

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

53cccc7933b0f3c9ba40ba8fbd00919e3df434cd6236f7d562df6a385cf52b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=31536000
content-encoding: gzip
etag: "162-59e72c7463071-gzip"
expires: Mon, 24 Nov 2025 02:07:51 GMT
accept-ranges: bytes
content-length: 270
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Thu, 13 Feb 2020 10:44:50 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 LastVisitedNode.js Show response
www.padea.ch/_Resources/Static/Packages/Neos.Neos/JavaScript/ 183 B
405 B 28ms
27ms Script
application/javascript 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Static/Packages/Neos.Neos/JavaScript/LastVisitedNode.js?bust=775acd7b

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

cb8010bf1845f14dddfaa3410a46ccdac45c474fad3988e51072acf21649e2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=31536000
content-encoding: gzip
etag: "b7-605646dd7ed80-gzip"
expires: Mon, 24 Nov 2025 02:07:51 GMT
accept-ranges: bytes
content-length: 156
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Fri, 15 Sep 2023 11:52:38 GMT
vary: Accept-Encoding
server: Apache
content-type: application/javascript

GET
H2 200 3db03a
hello.myfonts.net/count/ 0
352 B 90ms
27ms Stylesheet
text/css 2606:4700::6812:d0ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hello.myfonts.net/count/3db03a
Requested by: Host: www.padea.ch
URL: https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Styles/Main.css?bust=afd308ba?1731936216
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:d0ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

cache-control: max-age=604800
age: 1
expect-ct: null
cf-ray: 8e75d90c89ae23af-ZRH
expires: Mon, 24 Nov 2025 02:07:51 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
date: Sun, 24 Nov 2024 02:07:51 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
97 KB 109ms
42ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NT3QNSS

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b96756acc7560fecb145f552378c32958178bb7e8c4e0596b2c9b84aa0d8d9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 24 Nov 2024 02:07:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 02:07:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 24 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98932
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 60ms
24ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-6Mp3libA' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 02:07:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-6Mp3libA' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4420, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: yCEwWjAYYYZZkQIUS6ddTPL5Nih3iMIsXO3txLayuyW2nG6Prd+UA60HOqnQP0S7acvDocToQvIB4MMWgJYVzQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 font.woff2
www.padea.ch/_Resources/Static/Packages/TC.Padea/Fonts/strokeWeight060/ 38 KB
39 KB 23ms
22ms Font
font/woff2 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Fonts/strokeWeight060/font.woff2

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Styles/Main.css?bust=afd308ba?1731936216

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

4abad531ec10ae3beabe5575eb49a706b4b858a7b9db6b6743ab0059fd7a8933

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.padea.ch
Referer: https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Styles/Main.css?bust=afd308ba?1731936216

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=2592000
etag: "99a0-5c4f0516dd0fc"
expires: Tue, 24 Dec 2024 02:07:51 GMT
accept-ranges: bytes
content-length: 39328
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Thu, 17 Jun 2021 06:28:40 GMT
content-type: font/woff2
server: Apache

GET
H2 206 PADEA_Shooting%2023_Edit01.mp4
www.padea.ch/_Resources/Persistent/4/b/c/3/4bc301e88445ba62feae604c74f79f1fbbbb8c49/ 9 MB
0 23ms
22ms Media
video/mp4 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Persistent/4/b/c/3/4bc301e88445ba62feae604c74f79f1fbbbb8c49/PADEA_Shooting%2023_Edit01.mp4

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

Referer: https://www.padea.ch/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=2592000
etag: "35176de-5feb6f1bee05d"
Content-Range: bytes 0-55670493/55670494
expires: Tue, 24 Dec 2024 02:07:51 GMT
accept-ranges: bytes
Content-Length: 55670494
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Thu, 22 Jun 2023 12:22:56 GMT
content-type: video/mp4
server: Apache

GET
H3 200 256293356813173 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 199ms
199ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/256293356813173?v=2.9.176&r=stable&domain=www.padea.ch&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

d498559019fb9a21565f08d28d267da9e1120db01e4078dec3dccf8968e7b5cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-rFN59d5P' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 02:07:52 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-rFN59d5P' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=76, mss=1232, tbw=70274, tp=66, tpl=0, uplat=148, ullat=0
pragma: public
x-fb-debug: DO7kbXvV4wyOet66nKfIcJnK9WWwMerNzT3XItTH6nFWMpx9+KvGEkI4BZAYpL+tK72ixJvGjR/xbhN5Xm9Gmg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 font.woff2
www.padea.ch/_Resources/Static/Packages/TC.Padea/Fonts/strokeWeight100/ 37 KB
37 KB 1068ms
1068ms Font
font/woff2 2001:1600:4:13:1a66:daff:feaf:fceb
Infomaniak-AS Inf...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Fonts/strokeWeight100/font.woff2

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Styles/Main.css?bust=afd308ba?1731936216

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:1600:4:13:1a66:daff:feaf:fceb , Switzerland, ASN29222 (Infomaniak-AS Infomaniak Network SA, CH),

Reverse DNS

Software

Apache /

Resource Hash

e10b4258d896328e38c0c240c17fbc0fbf79187935590546485281b5cd9bbf3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.padea.ch
Referer: https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Styles/Main.css?bust=afd308ba?1731936216

Response headers

strict-transport-security: max-age=16000000
cache-control: max-age=2592000
etag: "92c4-5c4f0516dffdc"
expires: Tue, 24 Dec 2024 02:07:51 GMT
accept-ranges: bytes
content-length: 37572
date: Sun, 24 Nov 2024 02:07:51 GMT
last-modified: Thu, 17 Jun 2021 06:28:40 GMT
content-type: font/woff2
server: Apache

GET
H3 200 / Show response
core.service.elfsight.com/p/boot/ 5 KB
3 KB 289ms
218ms XHR
application/json 172.67.22.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fwww.padea.ch%2F&w=e1ed2a23-fe6c-44c2-9659-18be18ca3c20

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6d76045a7ea05a3b1118ecefae7e52751972763f85b2ee9c0b705108b27703

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0, 1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"12af-XOWnyhXxMdQNjOanU8eezT4wayo"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 02:07:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
x-dns-prefetch-control: on
cross-origin-opener-policy: unsafe-none
speculation-rules: "/cdn-cgi/speculation"
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
referrer-policy: no-referrer
x-download-options: noopen
cf-ray: 8e75d90e3cb2d355-FRA
access-control-allow-origin: https://www.padea.ch
x-xss-protection: 0, 1; mode=block
origin-agent-cluster: ?1
cf-apo-via: origin,host
server: cloudflare

GET
H3

200

set_partitioned_cookie
www.googleadservices.com/pagead/
Redirect Chain

https://www.google.com/ccm/collect?en=page_view&dr=www.google.com&dl=https%3A%2F%2Fwww.padea.ch%2F&scrsrc=www.googletagmanager.com&frm=0&lps=1&rnd=1683731593.1732414072&auid=2075760402.1732414072&n...
https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=2075760402.1732414072&url=https%3A%2F%2Fwww.padea.ch%2F&ref=www.google.com&tfd=977&tft=1732414072140&frm=0&gtm=45He4bk0v830646281...

0
0

91ms
43ms

Ping
text/html

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=2075760402.1732414072&url=https%3A%2F%2Fwww.padea.ch%2F&ref=www.google.com&tfd=977&tft=1732414072140&frm=0&gtm=45He4bk0v830646281za200&tag_exp=101925629~102067555~102067808~102077855~102081485&apve=1&gcd=13l3l3l3l1l1&dma=0&npa=0
Requested by: Host: www.padea.ch
URL: https://www.padea.ch/
Protocol: H3
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://www.googleadservices.com/pagead/set_partitioned_cookie?auid=2075760402.1732414072&url=https%3A%2F%2Fwww.padea.ch%2F&ref=www.google.com&tfd=977&tft=1732414072140&frm=0&gtm=45He4bk0v830646281za200&tag_exp=101925629~102067555~102067808~102077855~102081485&apve=1&gcd=13l3l3l3l1l1&dma=0&npa=0
access-control-expose-headers: date,location,vary,vary,vary,server,content-length
pragma: no-cache
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.padea.ch
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 24 Nov 2024 02:07:52 GMT
x-xss-protection: 0
content-type: text/plain
vary: Origin, X-Origin, Referer
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 409 KB
132 KB 47ms
45ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DKJFS6KPCX&l=dataLayer&cx=c&gtm=45He4bk0v830646281za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT3QNSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7368945ac33f17963d907fce2e97cc17ca0eb5d942ae23eef7a09808ace61d91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 24 Nov 2024 02:07:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 02:07:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134746
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 7F76 0
0 84ms
31ms Document
text/html 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.padea.ch

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NT3QNSS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 02:07:52 GMT
expires: Mon, 24 Nov 2025 02:07:52 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 91ms
22ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=256293356813173&ev=PageView&dl=https%3A%2F%2Fwww.padea.ch%2F&rl=https%3A%2F%2Fwww.google.com%2F&if=false&ts=1732414072251&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732414072248.51682062950893231&ler=other&cdl=API_unavailable&it=1732414071901&coo=false&rqm=GET

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=23, mss=1232, tbw=4468, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 24 Nov 2024 02:07:52 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 488ms
420ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=256293356813173&ev=PageView&dl=https%3A%2F%2Fwww.padea.ch%2F&rl=https%3A%2F%2Fwww.google.com%2F&if=false&ts=1732414072251&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732414072248.51682062950893231&ler=other&cdl=API_unavailable&it=1732414071901&coo=false&rqm=FGET

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440661783378042431"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 02:07:52 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: pZHx72VGpA2mzZfKmq3DgPDv55idf+AIfs+CHMo8AGf5skgmzGeLE/6Mvd9liGDPrI4z7vE1fr4tshIbbEivnQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440661783378042431", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=4836, tp=13, tpl=0, uplat=286, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 instashow.js Show response
static.elfsight.com/apps/instashow/stable/271741c25b6fa04fd7645e51db6a092878605305/app/ 2 MB
482 KB 37ms
34ms Script
application/javascript 2606:4700:10::6816:455f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/instashow/stable/271741c25b6fa04fd7645e51db6a092878605305/app/instashow.js

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:455f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058c380dcbabf28b6e43a0522f89e2d2093460059ee097a75c46b1f5bf9e17ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

x-envoy-upstream-healthchecked-cluster
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d95e5ab0132d74383caa84c176df5b4"
age: 3374
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 02:07:52 GMT
x-rgw-object-type: Normal
content-type: application/javascript; charset=utf-8
last-modified: Tue, 19 Nov 2024 11:43:46 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: e32c40dc-02c3-4408-a6ec-51bfedff6dd9
strict-transport-security: max-age=0
cache-control: max-age=3600
speculation-rules: "/cdn-cgi/speculation"
x-amz-request-id: tx0000059fcbb2dd6d80832-00673c7a24-6afcfcb8-sfo2a
cf-ray: 8e75d90fe8169177-FRA
server: cloudflare

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 266ms
129ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DKJFS6KPCX&gtm=45je4bk0v9109255370z8830646281za200zb830646281&_p=1732414071780&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1977373130.1732414072&ul=de-ch&sr=1600x1200&lps=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1732414072&sct=1&seg=0&dl=https%3A%2F%2Fwww.padea.ch%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Accueil&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1289
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKJFS6KPCX&l=dataLayer&cx=c&gtm=45He4bk0v830646281za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.padea.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 02:07:52 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
552 B 389ms
28ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DKJFS6KPCX&cid=1977373130.1732414072&gtm=45je4bk0v9109255370z8830646281za200zb830646281&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKJFS6KPCX&l=dataLayer&cx=c&gtm=45He4bk0v830646281za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.padea.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 02:07:52 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 48A2 0
0 202ms
32ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-DKJFS6KPCX&gacid=1977373130.1732414072&gtm=45je4bk0v9109255370z8830646281za200zb830646281&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=150129618

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKJFS6KPCX&l=dataLayer&cx=c&gtm=45He4bk0v830646281za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.padea.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 02:07:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11138707571/ 5 KB
2 KB 151ms
36ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11138707571/?random=1732414072597&cv=11&fst=1732414072597&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v9109255370z8830646281za200zb830646281&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.padea.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Accueil&npa=0&pscdl=noapi&auid=2075760402.1732414072&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKJFS6KPCX&l=dataLayer&cx=c&gtm=45He4bk0v830646281za200

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

d2e8b2f7eebfef95721cacd20c5a1940b1554e230008271203a164c0a894d6b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2333
date: Sun, 24 Nov 2024 02:07:52 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11138707571
td.doubleclick.net/td/rul/ Frame A730 0
0 150ms
50ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11138707571?random=1732414072597&cv=11&fst=1732414072597&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v9109255370z8830646281za200zb830646281&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.padea.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Accueil&npa=0&pscdl=noapi&auid=2075760402.1732414072&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKJFS6KPCX&l=dataLayer&cx=c&gtm=45He4bk0v830646281za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.padea.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Nov 2024 02:07:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 132ms
32ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DKJFS6KPCX&cid=1977373130.1732414072&gtm=45je4bk0v9109255370z8830646281za200zb830646281&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=342139515

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 24 Nov 2024 02:07:52 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/11138707571/ 42 B
64 B 34ms
33ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11138707571/?random=1732414072597&cv=11&fst=1732413600000&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v9109255370z8830646281za200zb830646281&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.padea.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Accueil&npa=0&pscdl=noapi&auid=2075760402.1732414072&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dx7BBtXrGdIcUHqOqFp5wSeedIuuGmg&random=2103755269&rmt_tld=0&ipr=y

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 24 Nov 2024 02:07:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 /
www.google.ch/pagead/1p-user-list/11138707571/ 42 B
154 B 35ms
34ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/11138707571/?random=1732414072597&cv=11&fst=1732413600000&bg=ffffff&guid=ON&async=1&gtm=45je4bk0v9109255370z8830646281za200zb830646281&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.padea.ch%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Accueil&npa=0&pscdl=noapi&auid=2075760402.1732414072&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dx7BBtXrGdIcUHqOqFp5wSeedIuuGmg&random=2103755269&rmt_tld=1&ipr=y

Requested by

Host: www.padea.ch
URL: https://www.padea.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 24 Nov 2024 02:07:53 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET favicon-32x32.png
www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Favicons/ 0
0

GET
H3 200 instagram Show response
storage.elfsight.com/api/ 196 B
469 B 781ms
781ms Fetch
application/json 172.67.22.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storage.elfsight.com/api/instagram?q=me%2Fmedia%3Ffields%3Dcaption%252Cmedia_type%252Cmedia_url%252Cpermalink%252Cthumbnail_url%252Ctimestamp%252Cusername%252Cchildren%257Bmedia_type%252Cmedia_url%252Cthumbnail_url%257D&user_id=619a4bc7-f751-466e-a54b-cc1360e3ba44

Requested by

Host: static.elfsight.com
URL: https://static.elfsight.com/apps/instashow/stable/271741c25b6fa04fd7645e51db6a092878605305/app/instashow.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa5e8ab420b5f265723ffdc53976e8c9914b25a32dd2b1f01d1cc1fc8964937

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-widget-token: eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0eXBlIjoiUFVCTElDIiwid2lkZ2V0UGlkIjoiZTFlZDJhMjMtZmU2Yy00NGMyLTk2NTktMThiZTE4Y2EzYzIwIiwid2lkZ2V0UmV2aXNpb25QaWQiOiI3MTE1M2Q3ZC00MzRiLTQ0NTItYmM5ZS04NzQ4YzQ4MjI1NmEiLCJhcHAiOiJpbnN0YWdyYW0tZmVlZCIsImFjY291bnRQaWQiOiI5OTIxNmM4OS0wZjg0LTRkN2EtYWExNi1hYTliNDExNGM3NDUiLCJzdWIiOiJlMWVkMmEyMy1mZTZjLTQ0YzItOTY1OS0xOGJlMThjYTNjMjAiLCJ2ZXIiOiI3MTE1M2Q3ZC00MzRiLTQ0NTItYmM5ZS04NzQ4YzQ4MjI1NmEiLCJpYXQiOjE3MzI0MTQwNzIsImV4cCI6MTczMjU4Njg3Mn0.BLDe2WLAJggn6y-FDtdHWdAwDAceg-YHTQMDohya6PqBQdfvOw8tbMPRZ1f7EOHXTyM29ny-B1iQRuc_M1c5BdaQyoLC6FpEpdGOxrBzrJKCQywCrQLKc_LpcfVxKoRmgDXSB_9oX8ZliH5OeULkzgvgPHnF-lcUxoWw0Q4L50ew-hV2V_ufN5RJadFmJDPfYwhYFom22-fNjP8EscSGqJs_ghp0HjCIm1R3hkV9VtYTqS4zMZHsgA8GYE4WPIJbGjNsQ2coI3j2ZNxnyIiK8n7unABTaZqGbbzWjhHBv2rlAXWrSqRzP8I80-z8-a1U-0gkjAib34fdeD82NzmQIvsS_DVP6v2Ne2zPata-BTJ13n9AK-NCxpgFFSwg3w_Veg0cF8wkRiI7pRP1sN6Z1XOvxZ9Tm0Fz70HB-WVByCgDyfyoyIzJ1WhmUCx_pDarnj3MuAbmj5qSx4YXOAmtzm4QHaoSVev5vKEiouIivkzGVVkgOJ8xnrbzm4jMK0zGVPe4Rv54sY1ZFRc5OBqmxL9GdWGEM6UeCD_sMJHoa9GgtaVU0Ere3Aafl1_V_nG4QQrjJqISHCjnKZJz8QmMxiSCEGxPLRfUrI3QSJT3TbzchJF-153eQzK5Wk4eix3ED34BBu7UU--xfKjA-3LkSWcQhD2fx9AVjFhoE0btLEs
Referer: https://www.padea.ch/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
access-control-allow-methods: GET,POST,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Sun, 24 Nov 2024 02:07:54 GMT
content-type: application/json
last-modified: Sun, 24 Nov 2024 02:07:54 GMT
vary: Accept-Encoding
access-control-allow-headers: Authorization,Content-Type,Set-Cookie,x-csrf-token,X-Widget-Token
strict-transport-security: max-age=0
cache-control: private, no-store
speculation-rules: "/cdn-cgi/speculation"
access-control-allow-credentials: 1
cf-ray: 8e75d9184d51dbea-FRA
access-control-allow-origin: https://www.padea.ch
x-xss-protection: 1; mode=block
cf-apo-via: origin,host
server: cloudflare

OPTIONS
H3 204 instagram
storage.elfsight.com/api/ Frame 0
0 234ms
190ms Preflight 172.67.22.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.22.83 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-token
Access-Control-Request-Method: GET
Origin: https://www.padea.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: 1
access-control-allow-headers: Authorization,Content-Type,Set-Cookie,x-csrf-token,X-Widget-Token
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.padea.ch
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8e75d9170bd7dbea-FRA
date: Sun, 24 Nov 2024 02:07:53 GMT
server: cloudflare
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 39ms
37ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DKJFS6KPCX&gtm=45je4bk0v9109255370za200zb830646281&_p=1732414071780&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1977373130.1732414072&ul=de-ch&sr=1600x1200&lps=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732414072&sct=1&seg=0&dl=https%3A%2F%2Fwww.padea.ch%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Accueil&en=scroll&epn.percent_scrolled=90&_et=282&tfd=6571
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKJFS6KPCX&l=dataLayer&cx=c&gtm=45He4bk0v830646281za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.padea.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.padea.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 24 Nov 2024 02:07:57 GMT
content-type: text/plain
server: Golfe2

GET favicon-16x16.png
www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Favicons/ 0
0

GET PADEA_Shooting%2023_Edit01.mp4
www.padea.ch/_Resources/Persistent/4/b/c/3/4bc301e88445ba62feae604c74f79f1fbbbb8c49/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.padea.ch
URL: https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Favicons/favicon-32x32.png?bust=556ea3d0

Domain: www.padea.ch
URL: https://www.padea.ch/_Resources/Static/Packages/TC.Padea/Images/Favicons/favicon-16x16.png?bust=b254dc08

Domain: www.padea.ch
URL: https://www.padea.ch/_Resources/Persistent/4/b/c/3/4bc301e88445ba62feae604c74f79f1fbbbb8c49/PADEA_Shooting%2023_Edit01.mp4

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.myfonts.net/	1970-01-21 01:13:35	Name: __cf_bm Value: ZEw.665lIejWDotQ01rYge3XNJk1lYUY2dsl_R6Qi.o-1732414071-1.0.1.1-Dqtn7Njkg3.ennlAfAt_SgEjBnSYiHhxeR4rzIAV_IE9Hqn1iewDddaoPP5aiEbKXjTNF20hrwlLQrvLKgfs8Q
.padea.ch/	1970-01-21 03:23:10	Name: _gcl_au Value: 1.1.2075760402.1732414072
core.service.elfsight.com/	1970-01-21 01:13:34	Name: elfsight_viewed_recently Value: 1
.padea.ch/	1970-01-21 03:23:10	Name: _fbp Value: fb.1.1732414072248.51682062950893231
.padea.ch/	1970-01-21 10:49:34	Name: _ga Value: GA1.1.1977373130.1732414072
.padea.ch/	1970-01-21 10:49:34	Name: _ga_DKJFS6KPCX Value: GS1.1.1732414072.1.0.1732414072.60.0.0
.doubleclick.net/	1970-01-21 01:13:34	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16000000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
core.service.elfsight.com
googleads.g.doubleclick.net
hello.myfonts.net
padea.ch
region1.analytics.google.com
static.elfsight.com
stats.g.doubleclick.net
storage.elfsight.com
td.doubleclick.net
www.facebook.com
www.google.ch
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.padea.ch
www.padea.ch
142.250.181.226
142.250.186.68
157.240.0.35
157.240.0.6
172.217.16.194
172.67.22.83
2001:1600:4:13:1a66:daff:feaf:fceb
2001:4860:4802:34::36
2606:4700:10::6816:455f
2606:4700::6812:d0ad
2a00:1450:4001:806::2003
2a00:1450:4001:811::2002
2a00:1450:4001:829::2008
2a00:1450:400c:c0c::9a
058c380dcbabf28b6e43a0522f89e2d2093460059ee097a75c46b1f5bf9e17ef
1622361ff9bc0f20a5407d4e39f267a7b09ad189b626c8d8636e01fec2e6f83b
22ced0aa47b8ffc3869274b56e2d3c2edd778d3b7b8de15358a7c645f32b0b37
4abad531ec10ae3beabe5575eb49a706b4b858a7b9db6b6743ab0059fd7a8933
4fa5e8ab420b5f265723ffdc53976e8c9914b25a32dd2b1f01d1cc1fc8964937
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
53cccc7933b0f3c9ba40ba8fbd00919e3df434cd6236f7d562df6a385cf52b72
5472235e7b8bebe78db7a675043001adaceb19d537242e597e4598d15d4e6ac9
54c75cb37e055958aca166a5b2e970a03cbb806a5f3ae3b0cf2a8d242f023c95
6806be4ca85779dc8840188489904563ab0c8b989e43e7180366f210bf4a47af
7368945ac33f17963d907fce2e97cc17ca0eb5d942ae23eef7a09808ace61d91
8908c8ac5493e362023e97f44f7627a065159614d27cef0966802e171a6d3b94
8c2044d0e6bb14006f8b692ec5885970e1a3f1312a77106bce516ccf69ddb407
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b96756acc7560fecb145f552378c32958178bb7e8c4e0596b2c9b84aa0d8d9e5
cb8010bf1845f14dddfaa3410a46ccdac45c474fad3988e51072acf21649e2d6
cec24a06e2e9c6dbe79ac537c1c0906c2896eb331ebe94fc3077075d78dc5a6f
d2e8b2f7eebfef95721cacd20c5a1940b1554e230008271203a164c0a894d6b2
d498559019fb9a21565f08d28d267da9e1120db01e4078dec3dccf8968e7b5cc
df6d76045a7ea05a3b1118ecefae7e52751972763f85b2ee9c0b705108b27703
e03e45ec91d4be23952b1f7778f763e11ce8fcc86be34e38afa45d7bce4fa380
e10b4258d896328e38c0c240c17fbc0fbf79187935590546485281b5cd9bbf3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e408f6305c3c9230d420dcea146a70be0a9d0b2317931878a4c20f355f70e593
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13a089736588e7252c6cfceab7827c9a9ae05185106c24c4d7aafa431111b0b

www.padea.ch Open in urlscan Pro 2001:1600:4:13:1a66:daff:feaf:fceb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

90 %HTTPS

57 %IPv6

10 Domains

16 Subdomains

15 IPs

4 Countries

1031 kBTransfer

12980 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.padea.ch Open in urlscan Pro
2001:1600:4:13:1a66:daff:feaf:fceb Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

90 %
HTTPS

57 %
IPv6

10
Domains

16
Subdomains

15
IPs

4
Countries

1031 kB
Transfer

12980 kB
Size

7
Cookies

41 HTTP transactions
0 data transactions