www.belogo.ch Open in urlscan Pro
213.239.197.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://belogo.ch/
Effective URL:
https://www.belogo.ch/
Submission: On October 04 via api (October 4th 2023, 9:29:48 am UTC) from CH — Scanned from CH

Summary HTTP 184 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 30 domains to perform 184 HTTP transactions. The main IP is 213.239.197.61, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.belogo.ch.
TLS certificate: Issued by R3 on August 8th 2023. Valid for: 3 months.

This is the only time www.belogo.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	213.239.197.61 213.239.197.61	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
4 15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
56	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
8	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.123.242.198 3.123.242.198	16509 (AMAZON-02) (AMAZON-02)
4 21	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3 3	37.157.6.232 37.157.6.232	198622 (ADFORM) (ADFORM)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
3 5	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	23.53.41.88 23.53.41.88	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	18.213.189.173 18.213.189.173	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	23.212.211.126 23.212.211.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
184	24

19 213.239.197.61 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: ic5.nnx.ch

belogo.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.belogo.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.242.198 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-242-198.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.18.2 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.232 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Ulyanovsk, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.41.88 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-41-88.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.213.189.173 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-173.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.212.211.126 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-126.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 tpc.googlesyndication.com — Cisco Umbrella Rank: 169	865 KB
37	doubleclick.net 8 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	279 KB
19	belogo.ch 1 redirects belogo.ch www.belogo.ch	478 KB
18	gstatic.com fonts.gstatic.com www.gstatic.com	314 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	602 B
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	7 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	411 KB
5	yandex.ru 3 redirects an.yandex.ru — Cisco Umbrella Rank: 4716	1 KB
5	google.com www.google.com — Cisco Umbrella Rank: 11	967 B
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 954	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 906	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1432 r.turn.com — Cisco Umbrella Rank: 6191	869 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 2022	604 B
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 1153	677 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 3511	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 614	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 410	8 KB
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10895	295 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1260	464 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 11243	550 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 8734	612 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 830	776 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	716 B
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2902	989 B
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 12235	233 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 16820	521 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2803	173 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 408	24 KB
1	google.ch www.google.ch — Cisco Umbrella Rank: 18208	408 B
184	30

	Domain	Requested by
56	tpc.googlesyndication.com	googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.belogo.ch pagead2.googlesyndication.com
21	cm.g.doubleclick.net	4 redirects www.belogo.ch googleads.g.doubleclick.net
21	pagead2.googlesyndication.com	www.belogo.ch pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	www.belogo.ch	www.belogo.ch
15	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com www.belogo.ch googleads.g.doubleclick.net
12	www.gstatic.com	googleads.g.doubleclick.net
8	www.googleadservices.com	www.belogo.ch googleads.g.doubleclick.net
8	fonts.googleapis.com	www.belogo.ch googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.gstatic.com	fonts.googleapis.com
5	an.yandex.ru	3 redirects
5	www.google.com	www.belogo.ch googleads.g.doubleclick.net tpc.googlesyndication.com
3	c1.adform.net	3 redirects
2	b1sync.zemanta.com	2 redirects
2	sync.teads.tv	1 redirects www.belogo.ch
2	onetag-sys.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	x.bidswitch.net	2 redirects
2	www.google-analytics.com	www.belogo.ch www.google-analytics.com
2	cdnjs.cloudflare.com	www.belogo.ch
1	s.uuidksinc.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	fksnk.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	um.simpli.fi	1 redirects
1	analytics.pangle-ads.com	1 redirects
1	rtb2-useast.e-volution.ai	googleads.g.doubleclick.net
1	im.bluevoox.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	s0.2mdn.net	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.ch	www.belogo.ch
1	stats.g.doubleclick.net	www.google-analytics.com
1	belogo.ch	1 redirects
184	37

This site contains links to these domains. Also see Links.

Domain
plus.google.com
twitter.com

Subject Issuer	Validity	Valid
belogo.ch R3	`2023-08-08` - `2023-11-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.belogo.ch/
Frame ID: F283BC9B205F85A3A272D222E81C5B64
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20190131/zrt_lookup.html
Frame ID: ECA5BE8F3AD337C1A5977036B6D6A974
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&adk=1812271804&adf=3025194257&lmt=1696404584&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l&format=0x0&url=https%3A%2F%2Fwww.belogo.ch%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411784042&bpp=22&bdt=582&idt=262&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7558065167283&frm=20&pv=2&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: AD621DC749773F68629B375C4FDFE29F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404584&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411784064&bpp=1&bdt=603&idt=274&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KpEeANxoCq&p=https%3A//www.belogo.ch&dtd=277
Frame ID: FE680E85C336845E9194C9203C6E0AA2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8
Frame ID: 0DF39162601F9568A5465A9A5CD85806
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=910339894&adf=2484202531&pi=t.aa~a.1977219284~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=j8DsPvmoS9&p=https%3A//www.belogo.ch&dtd=13
Frame ID: B88E70F31B98F1B0DA798142A091363E
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=40496009&adf=3551923085&pi=t.aa~a.3476897752~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=1&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3069&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MedDQtk9NA&p=https%3A//www.belogo.ch&dtd=17
Frame ID: 58ECF1B94DEF4D3771895EEBFDBE8122
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1D8F9DA92042E045A11A1143925310C8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1
Frame ID: FCF2F427966885F6BFF733428F37FFB8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1
Frame ID: F9A3B7C0AAF8D0CE210828150F1A7583
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 0439FF7B3494EF854D3AB26301729584
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: 8B68F5F122A0C2BC623E3F1A017A3390
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html
Frame ID: 4BC6AE28FBECAFEC9FB23D27FCB7E07E
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: E313982C7D50764D3293DFFE53662DDF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: A58CBAE6E630AC53A92274F12D9E898D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EA962EEE683645ECBB5FFB385A339106
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: D179D9B54C724E9C892E0F6AF9469313
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CC3220CEC26E3F9291941DDDF0F217C3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: C7AAA0DA57A912785017766EE525A08A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CEA5C3B0A1977F2063BF71915259B983
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: 1866C477EFFB856B98E649B30B5BA6FD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js
Frame ID: 3DD11B10225612C3CEF9F10FD136CDDA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A3042D3AEE64B5914D40FDB2F5D4D4D9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68A29296E1EC4A78574E1F98CE0C7189
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Beratung-Coaching – bei Kündigung und Sozialhilfe

Page URL History Show full URLs

https://belogo.ch/ HTTP 301
https://www.belogo.ch/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

184
Requests

88 %
HTTPS

51 %
IPv6

30
Domains

37
Subdomains

24
IPs

7
Countries

2410 kB
Transfer

5325 kB
Size

39
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://plus.google.com/b/103748554411321736160/103748554411321736160?pageId=103748554411321736160
Title: G+

Search URL Search Domain Scan URL

URL: https://twitter.com/belogo4you
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://belogo.ch/ HTTP 301
https://www.belogo.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

https://googleads.g.doubleclick.net/pagead/adview?ai=ClPHdiDAdZbKyFradjuwP8tyUkA_chrPLcr7e4KCHEd7H7fG4AhABIO_OsVBg9ZXOgeAEoAGajNXTAsgBCagDAcgDywSqBP8BT9BrsfFKMWvKaKXKPXSjoYodhTinoBgQEh25Ok1ckvRKkQWTwamJaw6Tdh1ENmh-AKgVY0UQbTX8VW-WkkBVB5vQ6H4bhLHyGUgQUXdSQLP6zWGzjMUBw1SbEzvBi-cidpt1q1LGlIQ7tDRmtPRqRkOTgzq9lK2YxjVOgdWyTU-3LaNPiQ-cNkpKdRNVlaBC-p6Q_sbD47J_gjN9yXFz1D2z9MENwkQtvcJIW995aCW9quLvrfrEB8SbC4OkfPNoh-ThYWPot7fjcMaQHfn1J5FAxNugjT5OcdKFgquOnVlF5Ufe3EgVFkm95qYsOJqFN4fb2kjT1TDZnKvT9jcFwATl5Yy8nQSIBb_cwINJkgUECAQYAZIFBAgFGASgBi6AB87zqqwBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQr4ge0ggUCIBhEAEYHzICigI6AoBASL39wTqaCVVodHRwczovL25hbm9zcGFya2xlc2hvcC5jb20vYXV0by9jbGVhbmNhci1jaC5waHA_YWZmSWQ9N0VDOUEzMDImYzE9Y2gmYzI9MTIxNTIwMjFfcm9ugAoByAsB2gwQCgoQkP74j539uM84EgIBA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi04ODY0Mzg4NDkwMjQ5MDMyGAA&sigh=DHJDh2X9J1Q&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN_soRVeDBRsz2EW8BUqLF2EFYUh5AqyEW50rchzP6IGqVX7lC9J0rewRC1DH-1_mnnBEU-HU9O154z0G9cw0AXsT_4OdxuRgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0c7fd75a350abc60000000000000000%22,%222%22:%220x9f816f2679d938ba0000000000000000%22,%223%22:%220x53489a85791f0f330000000000000000%22,%224%22:%220xa08c4044bf7deae40000000000000000%22,%225%22:%220xcc6c65951a31d8b00000000000000000%22},%22debug_key%22:%222694653693655961104%22,%22debug_reporting%22:true,%22destination%22:%22https://nanosparkleshop.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22712328730%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222246691392356288993%22}&andc=true

Request Chain 116

https://googleads.g.doubleclick.net/pagead/adview?ai=ChYFmiTAdZcrEJKHI3gPayamACaea_Phy4KeSmtsR3Yynva0CEAEg786xUGD1lc6B4ASgAbLjtKEDyAEJqQJR6kGdDTGyPqgDAcgDywSqBIMCT9AI3bdpvsMNWQi4gwmNO2ELQqd6hash9XMRT2gJ1EauyXPbtyxM8qQmQi3u3aT7cer7BcSc3d7ioXg0kW1KG_7Nw9jG5dtBcVGEZxwf-P4nb-ZQoWvMjeK5KWhe7IjG9jDv7XtMveWK0xjpECbfw9UrXEYIxyafu_-K3tJi8eutFP-hPFiYYFTyMmECdV0mrTWcIjFN2D1bsQzoh-F8bvbDuUXGmHTFVHwiUeGtC9yw-Wm-q_vDHEd4zpsRtTiI8tIrL1gemQqjLNLbjf8QLQrX2gzpYPd7HT9LAvTnOs73NfKlnxDEd9WOZuOSgWdVFwBJQeiYD1RUjFgdVHda-bSyiMAExIbwgc8EiAXN0-TBTJIFBAgEGAGSBQQIBRgEoAYugAe2nMteqAeQrLECqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4YZ80ggUCIBhEAEYHzICigI6AoBASL39wTqaCR5odHRwczovL2syYmlzdHJvLmNoL2syLXBvcC11cC-ACgHICwHaDBEKCxDQ1-rFicPZuo8BEgIBA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04ODY0Mzg4NDkwMjQ5MDMyGAA&sigh=cBQ5k-_mUSg&uach_m=[UACH]&ase=2&cid=CAQSOwDICaaNdP1xu8JaZaGmAGakhM3PNQyBEvsmABbwHwpeR81Vu-jqVAitVbzVwxoLo0mfMvt-Wl0S9QyZGAE&template_id=5000&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfc44c98fbf267370000000000000000%22,%222%22:%220x2e5eeaf910cc89870000000000000000%22,%223%22:%220xc624bafb0785b7f80000000000000000%22,%224%22:%220x34f27cb9d048b1cd0000000000000000%22,%225%22:%220x802a7038ca3408c90000000000000000%22},%22debug_key%22:%2211551604343259840443%22,%22debug_reporting%22:true,%22destination%22:%22https://k2bistro.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22875377074%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210958392217573535969%22}&andc=true

Request Chain 131

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ_JpGGD_SML1b5GrR07H5g&google_cver=1&google_push=AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI1F3ePa3XLwMRQWlU_F HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ_JpGGD_SML1b5GrR07H5g&google_cver=1&google_push=AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI1F3ePa3XLwMRQWlU_F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI1F3ePa3XLwMRQWlU_F&google_hm=mcPDSfRdQtibe4hOzILWVA==

Request Chain 132

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBPuVPKpeCSep5-okcOQH3o&google_cver=1&google_push=AXcoOmRgXtE64yJfURkab2Bzth_gzLZX6_w8D9gO5NlSlN8gvWB4GXkVlqhpr5G1fWEC3yWPnzp8c3Z8MuyKzjNK5BonXPPK3nLZHh4u HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBPuVPKpeCSep5-okcOQH3o&google_cver=1&google_push=AXcoOmRgXtE64yJfURkab2Bzth_gzLZX6_w8D9gO5NlSlN8gvWB4GXkVlqhpr5G1fWEC3yWPnzp8c3Z8MuyKzjNK5BonXPPK3nLZHh4u HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDMwODg2NTg1MjkxODMz&google_push=AXcoOmRgXtE64yJfURkab2Bzth_gzLZX6_w8D9gO5NlSlN8gvWB4GXkVlqhpr5G1fWEC3yWPnzp8c3Z8MuyKzjNK5BonXPPK3nLZHh4u

Request Chain 133

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEMDLVRNOAciw0TgfGy4i3zk&google_cver=1&google_push=AXcoOmQb7_yooC-Tw8EcwPUPTEbRlEkDXcuyD6GxPs6T8Dl6xHeMPGUnbc68vko5C_E5Qx9czWwNbTvmHdAYUtLFxyfr7laYVt_vqANK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQb7_yooC-Tw8EcwPUPTEbRlEkDXcuyD6GxPs6T8Dl6xHeMPGUnbc68vko5C_E5Qx9czWwNbTvmHdAYUtLFxyfr7laYVt_vqANK&google_hm=QlMuOTI2Mi0zZGU3LTRmNWYtYmQ5OQ==

Request Chain 135

https://an.yandex.ru/mapuid/google/CAESED9mAd9KxzDk2Ywjf3XiwIA?ext-param=AXcoOmS_DAopTPRSZZKgQn5HoT-p0ym6fYnoWqedP5c0MHNxFz-xkom2Ep-rEy3xxQvXXZ7ad_ppc8BexthSXUDIfsp9hFtzavPU3uy2Zw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESED9mAd9KxzDk2Ywjf3XiwIA?redir-setuniq=1&ext-param=AXcoOmS_DAopTPRSZZKgQn5HoT-p0ym6fYnoWqedP5c0MHNxFz-xkom2Ep-rEy3xxQvXXZ7ad_ppc8BexthSXUDIfsp9hFtzavPU3uy2Zw&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESED9mAd9KxzDk2Ywjf3XiwIA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 136

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAyZMz2CPPds9qhaIKTc7Ew&google_cver=1&google_push=AXcoOmR-ctwlBRtKTkJ9u3s5At5AHOFvLtJSqu5FJlDAZGcrq-sgg123uLvVIOdjuEiSCEAPFTJ-QiZ7KKCntPdwNKcsVm5o_QHZHW6gnQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-ctwlBRtKTkJ9u3s5At5AHOFvLtJSqu5FJlDAZGcrq-sgg123uLvVIOdjuEiSCEAPFTJ-QiZ7KKCntPdwNKcsVm5o_QHZHW6gnQ

Request Chain 147

https://um.simpli.fi/gp_match?google_gid=CAESEDNk_x2EoH4g10MijRiMheM&google_cver=1&google_push=AXcoOmRD8w9rmxxM4AzIGh08z5RONOMZVcvI7oBY5IqXDW7TQ4BdZCFUXKJY56KIJEo0BPbHLzI9yPd4AsxZkaL2EsYGw8s4QJRFJg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4353F35E52924D5C82FCB497561B6210&google_push=AXcoOmRD8w9rmxxM4AzIGh08z5RONOMZVcvI7oBY5IqXDW7TQ4BdZCFUXKJY56KIJEo0BPbHLzI9yPd4AsxZkaL2EsYGw8s4QJRFJg

Request Chain 148

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECwCHnNovmB6eqcB4vp1JCU&google_cver=1&google_push=AXcoOmQxrVNb1nUSQhAn6YbMDZgkFmn9Yg0aJxo-b6rnYKqMCKoxWfH7c0vou4o_--aEgIZsuTMjbJwGyTswx9hVUIwP086FspxRAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQxrVNb1nUSQhAn6YbMDZgkFmn9Yg0aJxo-b6rnYKqMCKoxWfH7c0vou4o_--aEgIZsuTMjbJwGyTswx9hVUIwP086FspxRAA

Request Chain 149

https://fksnk.com/cs/google?google_gid=CAESELTj76lNG4cHc14yidZwTiA&google_cver=1&google_push=AXcoOmQCLa37rr5E_a-b9mkux4-6Nny7J_5bVln2qYpCzgjWeJ-4bbk9UpiJ4lsHyUJIPLcB9k66jQMBwoaXSSFboLOe9oUTUazv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REIwRTc0ODY5NjZCNzYxRA==

Request Chain 150

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGK0QoZl3erRM9YQKBCVkGo&google_cver=1&google_push=AXcoOmSpq2CAWrK3T2z9h6tDjtKcGQwFWleKkb_QVBYHiie1UqZhob0mfnl1y7I7cK6jfOg9Ghj8M24ctPN52iOB27ZfUXvpfsTACg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=I2BaSS-SQzUgcM2bsI8liw&google_push=AXcoOmSpq2CAWrK3T2z9h6tDjtKcGQwFWleKkb_QVBYHiie1UqZhob0mfnl1y7I7cK6jfOg9Ghj8M24ctPN52iOB27ZfUXvpfsTACg

Request Chain 151

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQnHLbogNQnOEsxXKpFuawFqRbYeKg3y_X71oaKQ1H71lk05gveMsejHw0ok0XSMK7Z2VMSmEdHU0ufPWZI1KUYyVLg4-HWAg&google_gid=CAESEP_crS2ANKXoovSQg_RZvOk&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQnHLbogNQnOEsxXKpFuawFqRbYeKg3y_X71oaKQ1H71lk05gveMsejHw0ok0XSMK7Z2VMSmEdHU0ufPWZI1KUYyVLg4-HWAg&google_gid=CAESEP_crS2ANKXoovSQg_RZvOk&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMDQwOTI5NDcwMDAxMzQzODY5NzY1MQ%3D%3D&google_push=AXcoOmQnHLbogNQnOEsxXKpFuawFqRbYeKg3y_X71oaKQ1H71lk05gveMsejHw0ok0XSMK7Z2VMSmEdHU0ufPWZI1KUYyVLg4-HWAg

Request Chain 152

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIH3w6Ho0mi9y8RuYk5DhjY&google_cver=1&google_push=AXcoOmSE_GIeaflhvyRzy1VlLRYJj93Hsl0qji-AcpjgSuSLpmtqPxYrv1JIUfqR-7EsHPD_nE_Z4uS_8VaR6UDGIOjW83LAbSXDAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSE_GIeaflhvyRzy1VlLRYJj93Hsl0qji-AcpjgSuSLpmtqPxYrv1JIUfqR-7EsHPD_nE_Z4uS_8VaR6UDGIOjW83LAbSXDAg

Request Chain 153

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEO8ADIaJn9vdpz8Gh-ONlnE&google_cver=1&google_push=AXcoOmT4V_HomqA87yERsN9roQq-wN6RSqLOZujB6gT5pK3YbT6jAQXpR8N1YXoHH9mwSaASPxFfmcAQZ9tdzovIdWvmCuuShOoLtA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NDg1OTgxMzYtOWM0Ni00NzkzLTkyNWUtNjAxNThiYWI0ZTI5&google_push=AXcoOmT4V_HomqA87yERsN9roQq-wN6RSqLOZujB6gT5pK3YbT6jAQXpR8N1YXoHH9mwSaASPxFfmcAQZ9tdzovIdWvmCuuShOoLtA HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 155

https://googleads.g.doubleclick.net/pagead/adview?ai=CWU52iTAdZfTdJP2GjuwPs8qq6Ae5mbujc4mC6-ueEtvZHhABIO_OsVBg9ZXOgeAEoAH48_XOKcgBCakCKJVSx_xNjj6oAwHIA8sEqgSOAk_QJUSfdAK7PuXAVkm4Kh_1TEqUrR7tuvF9LN99XagugZ3JWaTk3OJ4Xlc_EClxXwtVlm9RKrTnwZe353orY8CbmjfWPIFfi-A6GWwTgu85YoWMuprCyWkwyALXDP3eOxOuvyuKAJXE_drcN1CRP34jZoCBcNglyPyHixqn5yMcWb1n2oGviDug3C0dbNmqZ2FIJOpOXxemJ7G3hMhxsLgJx94d3weX4ezyv7GtEAruv-0SunyRMjV0boJP0_tPOAAgzCFFHWoYlD6ymzKf_HdUAYCFY_jZ1Q6mrte3fqIGtbL6akWUtGpC2lzyY501jFNvyyEcA9g6HmIJtg3gimJlDBMI-7-QbR_1DrK1C8AE_7G31sUEiAWjlIGbTJIFBAgEGAGSBQQIBRgEoAYugAf4q8auBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPutItIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgleaHR0cHM6Ly9kcmhhdXNtZWlzdGVyLmNvbS9kaWUtaW4tYXBwLXNtYXJ0LWhvbWUtc3RldWVydW5nLXZvbi1hbGV4YS13dXJkZS1nZXJhZGUtdWJlcmFyYmVpdGV0L4AKAcgLAdoMEQoLEJChz76SyKOW_AESAgEDuBPkA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODY0Mzg4NDkwMjQ5MDMyGAA&sigh=w1fNaF7IqBg&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNWTr1WZgQwQtuOzO51YczURc1Cinm80u-VdEHO01OLD1CeCrxBZ65gsaMEQOyyzBeZv59Plt9GAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0fe59c91a7ed19a0000000000000000%22,%222%22:%220x2214dfa036f9439e0000000000000000%22,%223%22:%220xeec056669cf4b3d80000000000000000%22,%224%22:%220x6ea7d609048f31260000000000000000%22,%225%22:%220x5b1461af9634db90000000000000000%22},%22debug_key%22:%2217645384148658273458%22,%22debug_reporting%22:true,%22destination%22:%22https://drhausmeister.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211171363320%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218225023473762066145%22}&andc=true

Request Chain 165

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKCqMjNjdnF0IHmKNEMnoqc&google_cver=1&google_push=AXcoOmRVxZaVktRplkiwULRQn1QU_k2T7vXCh_xg8t3pMsYFpcauauj71JiRv64eRrKsQUkHDQ3ofrxv1-QPtPOlha3-FqZaZ0RlOH8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU0NzY5MTkwMjQ2MzI2MjAwMA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKCqMjNjdnF0IHmKNEMnoqc&google_cver=1

Request Chain 167

https://s.uuidksinc.net/match/47/?remote_uid=CAESEDPVlbvQdZl5611fctDAZJk&c_param1=AXcoOmQESYYBmyXMxPnClf_LGzXVYGLwxfQEvyVTEbQfT5MCrZ8X8kYxarqwD4WrQcQRDQJAuo554gjzw2VzHUqUXrPAsuNjFZiTRTdK&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQESYYBmyXMxPnClf_LGzXVYGLwxfQEvyVTEbQfT5MCrZ8X8kYxarqwD4WrQcQRDQJAuo554gjzw2VzHUqUXrPAsuNjFZiTRTdK

Request Chain 168

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB9D-UPQU_FbU4TCIIip7c0&google_cver=1&google_push=AXcoOmTt6U6DN_CGtiAF_j_NJrIH5TjLpEBKy9LmZmY6zz8ieKw2xWAoxauDu3UWwmbthSB4CVRArF05JYZc8UrzgXzS2XwvcCQtmnQW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDMwODg2NTg1MjkxODMz&google_push=AXcoOmTt6U6DN_CGtiAF_j_NJrIH5TjLpEBKy9LmZmY6zz8ieKw2xWAoxauDu3UWwmbthSB4CVRArF05JYZc8UrzgXzS2XwvcCQtmnQW

Request Chain 169

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENNKryAX0PlF_CMGMo6TJuA&google_cver=1&google_push=AXcoOmSMMoLNlHivutAywhgIx9iNO5GDIz-lVsjozM6ZmrvQtFx-u_SQn-2ah3VKpgkR7pDLZjuwIGbgvXNpKlLgnNUGSFrKhIUswyMA HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENNKryAX0PlF_CMGMo6TJuA&google_push=AXcoOmSMMoLNlHivutAywhgIx9iNO5GDIz-lVsjozM6ZmrvQtFx-u_SQn-2ah3VKpgkR7pDLZjuwIGbgvXNpKlLgnNUGSFrKhIUswyMA&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSMMoLNlHivutAywhgIx9iNO5GDIz-lVsjozM6ZmrvQtFx-u_SQn-2ah3VKpgkR7pDLZjuwIGbgvXNpKlLgnNUGSFrKhIUswyMA&google_hm=Wk55Z2k2R3h2UnhwdFp5NzFpcDc=

Request Chain 170

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELFOF-D0WSVP_LcdNEZ0Huc&google_cver=1&google_push=AXcoOmTBkIE7cuSEala_GrNQJSj4cSt_fwz_oEzfc67E139QNG9umnz9Z9YSQo1VIb7hBtFXMDDUw-sHpVgntFN-YIBJCsZnRf6ZFSqG HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTBkIE7cuSEala_GrNQJSj4cSt_fwz_oEzfc67E139QNG9umnz9Z9YSQo1VIb7hBtFXMDDUw-sHpVgntFN-YIBJCsZnRf6ZFSqG

Request Chain 171

https://an.yandex.ru/mapuid/google/CAESEBbog6nunttfRPFPGGDwSdk?ext-param=AXcoOmQH_wSIOr59yOxOBo4RpZ4y0BFQPIgKgBio6390HRkom8VJGjah_y6D03aio6z_8dw6BA31-sgFYxsREqIEE0IiZeMoxWTe5pxrYQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBbog6nunttfRPFPGGDwSdk&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 173

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj8mwiTAdZZ7oJOOzjuwP2tibkArmlbq5bMXduOG1EGQQASDvzrFQYPWVzoHgBKABytq36gLIAQmpAp-bbFKUM7I-qAMByAPLBKoE_QFP0H1FXoQTU7xxTRWcWFyEhdrljeFPDp5nVgg3eZhk8UGjSuUeIrkwqDza2Uwz8HRrJ41FkjWLIINukvLbDLizKbn4nukE_u51opArZSwuLnghzbK3J1o7fr-n8Zu0XCCdaPUwx2WNV137MIS5EHCDVqwx8zf745ik8afE9nBG5HJdgEOFkbx8DYfWOwl2zTyR6EE1trdAWTHF80W0AhGY4lNLVstsNMi6EL8zJtU31DyGqD1kWKLKhKVCluXrewEesLhO99vmXVZ5DgSTnFZ1I_Aq-V9C0cIkSmrMf7iuO2HE7OVIzKKgeesYIGjrwVBvv2M3KKIMoTTjETxJwASO-_7ZlQSIBc3xva5EkgUECAQYAZIFBAgFGASgBi6AB56lyJUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQtscW0ggUCIBhEAEYHzICigI6AoBASL39wTqaCSxodHRwczovL3d3dy50ZWxlcHNraS10cmV1aGFuZC5jaC9hbWF6b24tZmJhL4AKAcgLAdoMEQoLEPCuoP-wyf_r9wESAgED2BMNiBQD0BUBgBcBshccChoIABIUcHViLTg4NjQzODg0OTAyNDkwMzIYAA&sigh=vh1Kas9IfUw&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNahIWYp_A66gsaFnirZxoSUQh22JrI9Ztwpicc_4tFi-QiNhe8w8Yjcny5iUCjgIokXXXbJ6TGAE&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x95f04b04e1c066ce0000000000000000%22,%222%22:%220x8e12cc2ec76095190000000000000000%22,%223%22:%220xa7b2656f57dfb6900000000000000000%22,%224%22:%220xcde537942f6419a60000000000000000%22,%225%22:%220xaf7dc5c9465131300000000000000000%22},%22debug_key%22:%2217178879929736268608%22,%22debug_reporting%22:true,%22destination%22:%22https://telepski-treuhand.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22760081738%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223302909064296342225%22}&andc=true

184 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.belogo.ch/
Redirect Chain

https://belogo.ch/
https://www.belogo.ch/

13 KB
4 KB

66ms
32ms

Document
text/html

213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: b9791dee785d0a53b0ebe862e242f1439c051196af0dbe1b165011507d0c717b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=604800
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 09:29:43 GMT
expires: Wed, 11 Oct 2023 09:29:43 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 178
content-type: text/html
date: Wed, 04 Oct 2023 09:29:43 GMT
location: https://www.belogo.ch/
server: nginx

GET
H2 200 main.css
www.belogo.ch/assets/css/ 55 KB
55 KB 55ms
54ms Stylesheet
text/css 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/css/main.css
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 6b12db406576f6b3434858ec7e3c313e22dbd51217941d8e07da64433ff78728

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:34 GMT
server: nginx
accept-ranges: bytes
etag: "6348671e-dac1"
content-length: 56001
content-type: text/css

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 76ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7652602
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ft7GMrP0BWsGCVCbUDUTe2Fse8yiP01%2FmIGwU2p1A4oSA%2Fl%2Fs9rPg8ssHU%2BjwSjDgsCEVOpLT0EMJydRxLoyPPE%2BTBwSG2GP%2BzfK7bbASFfKdzuaoJnloAM86UGcaAuUPQFyNXScxFo268pM6nlkBhcj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 810c66eefb9c3c87-CDG
expires: Mon, 23 Sep 2024 09:29:43 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 82ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2362029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5979
last-modified: Thu, 22 Jun 2023 10:57:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942932-175b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBd%2BXqV7yhJ2olX7AEz0TqfNDhavm5nusXPDU%2Bq8mhC6jhlBDAABKrK4lRkShOgZDIEkn%2BtIX9FhiSX3gbp6yVUFUEpx%2FrOSPkxGX%2FJDLGjzG0i0wDonH2Ql%2FHmfbA%2BgbFGpQ%2Bs2ngpuvNzM52XQUCrK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 810c66ef0b9f3c87-CDG
expires: Mon, 23 Sep 2024 09:29:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 131ms
80ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58cdf374bc131964b32b809c22ab1a3ef67603adc79b77ec994da92964267d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50816
x-xss-protection: 0
server: cafe
etag: 15932573060674431423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:43 GMT

GET
H2 200 logo.png
www.belogo.ch/images/ 474 B
595 B 29ms
28ms Image
image/png 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belogo.ch/images/logo.png
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 15dc3ec728059bc225377d6ba898e86c7875f13b6607abfaef87b89eeed62533

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:41 GMT
server: nginx
accept-ranges: bytes
etag: "63486725-1da"
content-length: 474
content-type: image/png

GET
H2 200 Logo-weiss.png
www.belogo.ch/images/ 4 KB
4 KB 30ms
29ms Image
image/png 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belogo.ch/images/Logo-weiss.png
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 596723006f79d2f6b92d260593594771b3f2bdda67605e11b9f804bc3fa68e76

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:41 GMT
server: nginx
accept-ranges: bytes
etag: "63486725-e17"
content-length: 3607
content-type: image/png

GET
H2 200 startup.jpg
www.belogo.ch/images/ 11 KB
11 KB 30ms
29ms Image
image/jpeg 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belogo.ch/images/startup.jpg
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 3d6e57ecf184d9aba744af4de5a99f0804348b87085fb6355fc4ca35e2982641

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:43 GMT
server: nginx
accept-ranges: bytes
etag: "63486727-2b05"
content-length: 11013
content-type: image/jpeg

GET
H2 200 team-k.jpg
www.belogo.ch/images/ 55 KB
55 KB 35ms
35ms Image
image/jpeg 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belogo.ch/images/team-k.jpg
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: a1478f32148ae7e7c5ead563a2d2b4576728e3e34ac0093bdf142723611a6f5b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:43 GMT
server: nginx
accept-ranges: bytes
etag: "63486727-dc79"
content-length: 56441
content-type: image/jpeg

GET
H2 200 jquery.min.js Show response
www.belogo.ch/assets/js/ 94 KB
94 KB 28ms
28ms Script
application/javascript 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/js/jquery.min.js
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:35 GMT
server: nginx
accept-ranges: bytes
etag: "6348671f-176d5"
content-length: 95957
content-type: application/javascript

GET
H2 200 jquery.scrollex.min.js Show response
www.belogo.ch/assets/js/ 2 KB
2 KB 27ms
27ms Script
application/javascript 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/js/jquery.scrollex.min.js
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: acc48ffb07316007622f24af9f0bb81ad3cfcabe3531e3bcc7bbc6a6ce9c8096

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:35 GMT
server: nginx
accept-ranges: bytes
etag: "6348671f-8d0"
content-length: 2256
content-type: application/javascript

GET
H2 200 jquery.scrolly.min.js Show response
www.belogo.ch/assets/js/ 830 B
960 B 27ms
27ms Script
application/javascript 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/js/jquery.scrolly.min.js
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 08d27f460466e4b36d9eb2cfef27e442ca206f87d6cbb157f98c16704c999a2a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:35 GMT
server: nginx
accept-ranges: bytes
etag: "6348671f-33e"
content-length: 830
content-type: application/javascript

GET
H2 200 skel.min.js Show response
www.belogo.ch/assets/js/ 9 KB
9 KB 29ms
27ms Script
application/javascript 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/js/skel.min.js
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: afa9ae8eec6cb530d00256d71c700f9f0d72d298bd50f3af7f4450aa9aed2c98

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:35 GMT
server: nginx
accept-ranges: bytes
etag: "6348671f-237c"
content-length: 9084
content-type: application/javascript

GET
H2 200 util.js Show response
www.belogo.ch/assets/js/ 6 KB
6 KB 29ms
28ms Script
application/javascript 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/js/util.js
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: a6c7a302569d54495823de9410cb5262a1d989fcd3478114213fdbd46ced17b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:36 GMT
server: nginx
accept-ranges: bytes
etag: "63486720-1940"
content-length: 6464
content-type: application/javascript

GET
H2 200 main.js Show response
www.belogo.ch/assets/js/ 1 KB
1 KB 29ms
28ms Script
application/javascript 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/js/main.js
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 8afe4aa2b118972a42265fb5f142d3de524e9ca057c290b89ccd11c69d1417ae

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:35 GMT
server: nginx
accept-ranges: bytes
etag: "6348671f-568"
content-length: 1384
content-type: application/javascript

GET
H2 200 font-awesome.min.css
www.belogo.ch/assets/css/ 28 KB
29 KB 28ms
27ms Stylesheet
text/css 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/css/font-awesome.min.css
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:33 GMT
server: nginx
accept-ranges: bytes
etag: "6348671d-7187"
content-length: 29063
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 75ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,800,800italic

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/assets/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5031c96da1493f299e17a2b8ae0ee2bec99ceac01036a14748e602ec669d903b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 09:29:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 09:19:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 09:29:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 67ms
19ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 07:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6322
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 04 Oct 2023 09:44:21 GMT

GET
H2 200 handshake.jpg
www.belogo.ch/images/ 133 KB
133 KB 31ms
31ms Image
image/jpeg 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belogo.ch/images/handshake.jpg
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: ce87d49c5ebcfd5021d28b24ef1aff53b39586ffcfc19e90a4e5df37c990484d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:41 GMT
server: nginx
accept-ranges: bytes
etag: "63486725-214d3"
content-length: 136403
content-type: image/jpeg

GET
H2 200 bars.svg
www.belogo.ch/assets/css/images/ 396 B
520 B 41ms
41ms Image
image/svg+xml 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belogo.ch/assets/css/images/bars.svg
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 13d2265891cb867ce6cf28a52d35903dc2ec32fc0c397cd549019c968c699338

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:37 GMT
server: nginx
accept-ranges: bytes
etag: "63486721-18c"
content-length: 396
content-type: image/svg+xml

GET
H2 200 arrow.svg
www.belogo.ch/assets/css/images/ 401 B
525 B 42ms
41ms Image
image/svg+xml 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belogo.ch/assets/css/images/arrow.svg
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: c00d6a20e82456c029bfb39e97da8b5857d9d70d1dab2d89ebea1d5c7f0afd08

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:37 GMT
server: nginx
accept-ranges: bytes
etag: "63486721-191"
content-length: 401
content-type: image/svg+xml

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 68ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,600italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.belogo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 486804
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Sep 2024 18:16:19 GMT

GET
H2 200 fontawesome-webfont.woff2
www.belogo.ch/assets/fonts/ 70 KB
70 KB 27ms
27ms Font
application/octet-stream 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.belogo.ch/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/assets/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://www.belogo.ch/assets/css/font-awesome.min.css
Origin: https://www.belogo.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:35 GMT
server: nginx
accept-ranges: bytes
etag: "6348671f-118d8"
content-length: 71896
content-type: application/octet-stream

GET
H2 200 close.svg
www.belogo.ch/assets/css/images/ 357 B
482 B 28ms
27ms Image
image/svg+xml 213.239.197.61
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.belogo.ch/assets/css/images/close.svg
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/assets/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.239.197.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ic5.nnx.ch
Software: nginx /
Resource Hash: 519f4557b31789e9d9a8891d01b2c00d7a4b029b58aa31e464dfbb7e9000ebed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/assets/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:43 GMT
last-modified: Thu, 13 Oct 2022 19:29:37 GMT
server: nginx
accept-ranges: bytes
etag: "63486721-165"
content-length: 357
content-type: image/svg+xml

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 26ms
26ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=309146355&t=pageview&_s=1&dl=https%3A%2F%2Fwww.belogo.ch%2F&ul=en-us&de=UTF-8&dt=Beratung-Coaching%C2%A0%E2%80%93%20bei%20K%C3%BCndigung%20und%20Sozialhilfe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1570301060&gjid=572947675&cid=1718403013.1696411784&tid=UA-88371956-1&_gid=225635729.1696411784&_r=1&_slc=1&z=1517259599

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belogo.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belogo.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 317ms
31ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-88371956-1&cid=1718403013.1696411784&jid=1570301060&gjid=572947675&_gid=225635729.1696411784&_u=IEBAAEAAAAAAACAAI~&z=1274406248

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.belogo.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 04 Oct 2023 09:29:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.belogo.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/ 379 KB
129 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efb1ad68e78e61552f46a04c90a2eed8cc18f2683d03143590105642c988ac88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131631
x-xss-protection: 0
server: cafe
etag: 13184362479263647926
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231002/r20190131/ Frame ECA5 10 KB
5 KB 70ms
22ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231002/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 51468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 Oct 2023 19:11:56 GMT
etag: 2603938475786422795
expires: Tue, 17 Oct 2023 19:11:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 81ms
30ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-88371956-1&cid=1718403013.1696411784&jid=1570301060&_u=IEBAAEAAAAAAACAAI~&z=1208347715

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 82ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-88371956-1&cid=1718403013.1696411784&jid=1570301060&_u=IEBAAEAAAAAAACAAI~&z=1208347715

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
602 B 79ms
27ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.belogo.ch&callback=_gfp_s_&client=ca-pub-8864388490249032

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f3e7e4687148d9b184dedbd7f244139334a700568fdfd952e54c8a465e3acd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AD62 504 KB
94 KB 1125ms
1124ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&adk=1812271804&adf=3025194257&lmt=1696404584&plat=2%3A16777216%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x945_l&format=0x0&url=https%3A%2F%2Fwww.belogo.ch%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411784042&bpp=22&bdt=582&idt=262&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7558065167283&frm=20&pv=2&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0aac8c089d16d95d70093cae3086b56dda9c9acbadbb8e178982b72c58f73a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 95792
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 09:29:45 GMT
expires: Wed, 04 Oct 2023 09:29:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=header&cls=alt&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE68 124 KB
42 KB 1230ms
1229ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404584&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411784064&bpp=1&bdt=603&idt=274&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KpEeANxoCq&p=https%3A//www.belogo.ch&dtd=277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f69e4d9cc1af1097299a101658f148802312d8729e62e692c3a4e6972d1d4ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 09:29:45 GMT
expires: Wed, 04 Oct 2023 09:29:45 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/ 154 KB
53 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/reactive_library_fy2021.js?bust=31078421

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

184677597efe3e9cca3b6743119d49e675395131de577d056ab43c2961681073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53745
x-xss-protection: 0
server: cafe
etag: 17389890031572962627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DF3 113 KB
40 KB 853ms
853ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2856eb5f210716db027cd2f44fbaf05b50fa65df0330847e528f2cb4bf731991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 09:29:46 GMT
expires: Wed, 04 Oct 2023 09:29:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B88E 121 KB
40 KB 836ms
834ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=910339894&adf=2484202531&pi=t.aa~a.1977219284~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=j8DsPvmoS9&p=https%3A//www.belogo.ch&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a8f548a36437ec684a0dab93a1a5f2c4d4fae8b5f8880629b20fe35bd718c55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41188
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 09:29:46 GMT
expires: Wed, 04 Oct 2023 09:29:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 58EC 126 KB
42 KB 1106ms
1104ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=40496009&adf=3551923085&pi=t.aa~a.3476897752~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=1&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3069&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MedDQtk9NA&p=https%3A//www.belogo.ch&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04e482fe797af14d41a4a9782b64a26f1706b637cb1bf823031e60e62bc7cabb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43105
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 09:29:46 GMT
expires: Wed, 04 Oct 2023 09:29:46 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame FE68 14 KB
1 KB 35ms
33ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404584&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411784064&bpp=1&bdt=603&idt=274&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=KpEeANxoCq&p=https%3A//www.belogo.ch&dtd=277

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 07:38:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame FE68 2 KB
973 B 80ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:22:24 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame FE68 23 KB
9 KB 73ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:20:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame FE68 3 KB
1 KB 79ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 07:35:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame FE68 20 KB
9 KB 79ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:21:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE68 187 KB
59 KB 79ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H2 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame FE68 36 KB
15 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8779234885790862255/ Frame FE68 29 KB
30 KB 89ms
49ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8779234885790862255/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0d2622f2ba7aa4bd0c7459cd76fa0f86b0e8d1fc0c6510ab5a0b973b8811f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:09:03 GMT
x-content-type-options: nosniff
age: 76842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30186
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 00:23:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 12:09:03 GMT

GET
DATA 200
OK truncated
/ Frame FE68 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FE68 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/ Frame 1D8F 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 6623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:39:22 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 07:39:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/ Frame FCF2 10 KB
4 KB 34ms
33ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 6623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:39:22 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 07:39:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/ Frame F9A3 10 KB
4 KB 33ms
33ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 6623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:39:22 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 07:39:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 1D8F 4 KB
671 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 07:39:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1D8F 205 B
520 B 26ms
23ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 21:19:32 GMT
x-content-type-options: nosniff
age: 216613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 30 Sep 2024 21:19:32 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1D8F 604 B
697 B 26ms
24ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:34:53 GMT
x-content-type-options: nosniff
age: 345292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 29 Sep 2024 09:34:53 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/ Frame 1D8F 15 KB
7 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 04:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 04:48:46 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/ Frame 1D8F 20 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:54:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:54:50 GMT

GET
DATA 200
OK truncated
/ Frame FE68 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c851aa30c092c6e5c219edede0d8c8eb6b9a738c5055987a0081302bd8a41f0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame FCF2 6 KB
706 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 07:41:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame FCF2 2 KB
892 B 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:22:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame FCF2 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:20:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame FCF2 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 07:35:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame FCF2 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:21:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCF2 187 KB
59 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H3 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame FCF2 37 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 14:58:47 GMT

GET
H3 200 88cf7d8f92971695aa333eeba8ca195d.js Show response
www.gstatic.com/mysidia/ Frame F9A3 9 KB
4 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/88cf7d8f92971695aa333eeba8ca195d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3923
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 14:58:47 GMT

GET
H3 200 e68f8ec74926968a541734be8897a625.js Show response
www.gstatic.com/mysidia/ Frame F9A3 36 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e68f8ec74926968a541734be8897a625.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4755a52910466d3bd7b706550f76af98eeb94b7092368df86e6e0c914eff2756

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 15:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14678
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 15:12:54 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame F9A3 2 KB
892 B 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:22:24 GMT

GET
H3 200 ef1f6d24bef59513d7c49e9cf5bba5ca.js Show response
www.gstatic.com/mysidia/ Frame F9A3 22 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef1f6d24bef59513d7c49e9cf5bba5ca.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 15:12:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9440
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 15:12:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame F9A3 23 KB
9 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:20:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame F9A3 3 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 07:35:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame F9A3 20 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:21:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9A3 187 KB
59 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H3 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame F9A3 37 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 14:58:47 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FE68 33 KB
33 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 87627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 09:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FE68
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ClPHdiDAdZbKyFradjuwP8tyUkA_chrPLcr7e4KCHEd7H7fG4AhABIO_OsVBg9ZXOgeAEoAGajNXTAsgBCagDAcgDywSqBP8BT9BrsfFKMWvKaKXKPXSjoYodhTinoBgQEh25Ok1ckvRKkQW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0c7fd75a350abc60000000000000000%22,%222%22:%220x9f816f2679d938ba0000000000000000%22,%223%22:%220x53489a...

0
0

106ms
55ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0c7fd75a350abc60000000000000000%22,%222%22:%220x9f816f2679d938ba0000000000000000%22,%223%22:%220x53489a85791f0f330000000000000000%22,%224%22:%220xa08c4044bf7deae40000000000000000%22,%225%22:%220xcc6c65951a31d8b00000000000000000%22},%22debug_key%22:%222694653693655961104%22,%22debug_reporting%22:true,%22destination%22:%22https://nanosparkleshop.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22712328730%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222246691392356288993%22}&andc=true

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf0c7fd75a350abc60000000000000000","2":"0x9f816f2679d938ba0000000000000000","3":"0x53489a85791f0f330000000000000000","4":"0xa08c4044bf7deae40000000000000000","5":"0xcc6c65951a31d8b00000000000000000"},"debug_key":"2694653693655961104","debug_reporting":true,"destination":"https://nanosparkleshop.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["712328730"],"4":["10-04"],"6":["true"]},"priority":"500","source_event_id":"2246691392356288993"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Oct 2023 09:29:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 09:29:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf0c7fd75a350abc60000000000000000","2":"0x9f816f2679d938ba0000000000000000","3":"0x53489a85791f0f330000000000000000","4":"0xa08c4044bf7deae40000000000000000","5":"0xcc6c65951a31d8b00000000000000000"},"debug_key":"2694653693655961104","debug_reporting":true,"destination":"https://nanosparkleshop.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["712328730"],"4":["10-04"],"6":["true"]},"priority":"500","source_event_id":"2246691392356288993"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0439 2 KB
480 B 31ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 08:04:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 0439 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:22:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame 0439 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:20:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 0439 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6882
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 07:35:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 0439 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:21:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0439 187 KB
59 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:45 GMT

GET
H3 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 0439 37 KB
15 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 14:58:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 14:58:47 GMT

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B68 37 KB
14 KB 28ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 19:38:27 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/ Frame 4BC6 3 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/e68f8ec74926968a541734be8897a625.js?tag=html5_display_upload/html5_exit_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1faf126bdd114eab0a2c2cead06889c3c90cb5dcee17634cec3117a70f2bfd1c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 145223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1160
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 02 Oct 2023 17:09:23 GMT
expires: Tue, 01 Oct 2024 17:09:23 GMT
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 109ms
55ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 09:29:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F9A3 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c9009aa7edf81751484121ab06967ffdca211c00fbd155680b37c07f41c897c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4BC6 6 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 00:52:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:52:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4BC6 34 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 02:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 Oct 2023 02:28:43 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4BC6 60 KB
24 KB 104ms
53ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 09:29:46 GMT

GET
H3 200 script.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/js/ Frame 4BC6 2 KB
660 B 20ms
20ms Script
application/x-javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/js/script.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc5214bca5857486b3af42c35393429875eb0c7e88f0b2ca62dd1fadf5f01dd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 17:09:23 GMT
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:23 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/9861204947373497576/ Frame FCF2 23 KB
23 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9861204947373497576/2076313506083323656

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14be7cf095f2fef445955016fc12808fa8ea951d16c2190dedadfbaf607f11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 14:45:26 GMT
x-content-type-options: nosniff
age: 413060
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23832
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 11:45:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Sep 2024 14:45:26 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13975521445603965153/ Frame FCF2 6 KB
6 KB 29ms
26ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13975521445603965153/14763004658117789537?w=100&h=100

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5c83b5b2ae1d82b7f42d8ab691fce886653a4cb7347a5ce227da2cacc01ad6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 07:17:01 GMT
x-content-type-options: nosniff
age: 353565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6108
x-xss-protection: 0
last-modified: Thu, 06 Oct 2022 11:45:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 29 Sep 2024 07:17:01 GMT

GET
DATA 200
OK truncated
/ Frame FCF2 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FCF2 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df54bfc704486987eba99ff78e495b38c53d2810893d97486e09d0774736969c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FCF2 0
19 B 69ms
68ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoJPViDAdZajBGpr7n88Pr8iL-An0prqAc43WipKnEaSIhZ4LEAEg786xUGD1lc6B4ASgAavsr7YCyAEJqQL4V6qLPdOCPqgDAcgDy4SAgASqBPoBT9DrOTSOw-kjGUmc0iiaW8LvMCVjhrbao2-xu7yDcCQKbyFWseurVsJ8ta1Z3quC71s7PggF2zh6rGmx1ZX2LySZNfCiSRkfeBmdLWHMdgLAXDgDYTb6xoFV9RSYj3vvWZeQsLtdGADzP6nLTQnBfGZVzS_67QjjweBUrSBCJMel8fQZhGB_kkFFJcbjxF_jVxLn5Hl941DjKGOzGOs733brsN0ddYV4MaJxeGxmLugpWOc4XnX7epJ126_1f8BA9DhWdpTKweeq0825DVwrRVZuDAw6o7WJWx6NI8FbnbbmWFFGQgFA-h0o6U2BV_7j3MF1peSmmchw8cAElr3j4qgEiAX47cmpS5IFBAgEGAGSBQQIBRgEoAYugAe9k9DJAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJXEUdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBuBPkA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi04ODY0Mzg4NDkwMjQ5MDMyGAA&sigh=CHmyuMCU7gg&uach_m=[UACH]&cid=CAQSSwDICaaNkZniD4B01Rlot9gJ27OZ6Xmx8Wu5maj15braaEaElw1GtHtSwPledML5Nn88qJoliAROG3V44aDswFcrd3oeb1UATm37OxgB&template_id=484&cbvp=2&vis=1

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 09:29:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame E313 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 19:38:27 GMT

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame A58C 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 19:38:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F9A3 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CrkahiDAdZanBGpr7n88Pr8iL-AmCqZqwc-Sb7vDREb_oor3AARABIO_OsVBg9ZXOgeAEoAHHh_7PAcgBCakC15G1nWiMsT6oAwHIA0iqBP0BT9C3bhIqxvh9hUv_1a-vMvhwng5HEWFVndj6iHFCagMw0t06jKhtY5x3Qvbrx7fmEm7wYoaRr829u8GcG5EJZhSRKHbHXztvTZBrB1rh3FIAL56u2RM6Dlby2JcsIRBy02lG7_MSPKaF3-S6AlVAs6n9C78Y6JqBXhj_emKRNzcHZR4lhOtaR_fnqmXh55OiNLyJuTHtKJdrnv5Szgn0byXLgN3qlDDWCmjb9E4dJjr81vlCUk8PxKoR9c_nXw8RqBFZWN2GM_36FychwSlf5OIhROYUjThvJ2Njks1VvAzu_xAW_I6ep_HNkr8ws4coqa1Y34KrhHAe4Qgh0sAEmuPOkckEiAX2xN_eTJIFBAgEGAGSBQQIBRgEoAYugAfW67vUA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMCrN9IIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsB2BMCiBQB0BUBgBcBshccChoIABIUcHViLTg4NjQzODg0OTAyNDkwMzIYAA&sigh=aaDt_NkRU4s&uach_m=[UACH]&cid=CAQSSwDICaaNkZniD4B01Rlot9gJ27OZ6Xmx8Wu5maj15braaEaElw1GtHtSwPledML5Nn88qJoliAROG3V44aDswFcrd3oeb1UATm37OxgB&template_id=419&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 09:29:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 txt1@2x.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 1 KB
1 KB 22ms
22ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/txt1@2x.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84b605eda61716151760cfe745f251319b4466c4931df4cd8e4e6b04e8583da3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:23 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1108
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:23 GMT

GET
H3 200 bg1@2x.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 15 KB
15 KB 27ms
26ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/bg1@2x.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79034275d34268aa80c8004b2a8f7638d3755a6a1ca690f24a590d462af4ae21

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:23 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:23 GMT

GET
H3 200 HyundaiSansText-Regular.woff2
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 37 KB
37 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/HyundaiSansText-Regular.woff2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d973932dc866346764642cb860ab9e9ac5dd0b6f96cf1eb9279a2fa6e9dffba

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html
Origin: https://tpc.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:23 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38284
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B88E 14 KB
1 KB 29ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=910339894&adf=2484202531&pi=t.aa~a.1977219284~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=j8DsPvmoS9&p=https%3A//www.belogo.ch&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 09:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 07:44:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 09:29:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame B88E 2 KB
897 B 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:22:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame B88E 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:20:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame B88E 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 07:35:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame B88E 20 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:21:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B88E 0
0 28ms
26ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCB2k1vEXH7HwNBIZarXk3bBs8WJy3dRwl_wV-YfpIdrEgXOfyzELK69rgict6DuYlz7kpRoF1mZM-HXu4tO5arzQXZQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=910339894&adf=2484202531&pi=t.aa~a.1977219284~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=j8DsPvmoS9&p=https%3A//www.belogo.ch&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B88E 187 KB
59 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:46 GMT

GET
H3 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame B88E 36 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0DF3 4 KB
671 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 09:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 07:47:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 09:29:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame 0DF3 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:20:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 0DF3 3 KB
1 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 07:35:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 0DF3 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:21:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0DF3 0
0 30ms
29ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRU2xkzjT3t1hvwkDOdESIn6qQd5JfXJ-pHpUa7Q4f1Pd_zBRskNI5HBAjL8dD0cb8xKY1_-cc01H0ce4EklKAgZYIKww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DF3 187 KB
59 KB 35ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:46 GMT

GET
H3 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 0DF3 36 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BC6 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 19:38:27 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B88E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=ChYFmiTAdZcrEJKHI3gPayamACaea_Phy4KeSmtsR3Yynva0CEAEg786xUGD1lc6B4ASgAbLjtKEDyAEJqQJR6kGdDTGyPqgDAcgDywSqBIMCT9AI3bdpvsMNWQi4gwmNO2ELQqd6hash9XM...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfc44c98fbf267370000000000000000%22,%222%22:%220x2e5eeaf910cc89870000000000000000%22,%223%22:%220xc624ba...

0
0

57ms
56ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xcfc44c98fbf267370000000000000000%22,%222%22:%220x2e5eeaf910cc89870000000000000000%22,%223%22:%220xc624bafb0785b7f80000000000000000%22,%224%22:%220x34f27cb9d048b1cd0000000000000000%22,%225%22:%220x802a7038ca3408c90000000000000000%22},%22debug_key%22:%2211551604343259840443%22,%22debug_reporting%22:true,%22destination%22:%22https://k2bistro.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22875377074%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210958392217573535969%22}&andc=true

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xcfc44c98fbf267370000000000000000","2":"0x2e5eeaf910cc89870000000000000000","3":"0xc624bafb0785b7f80000000000000000","4":"0x34f27cb9d048b1cd0000000000000000","5":"0x802a7038ca3408c90000000000000000"},"debug_key":"11551604343259840443","debug_reporting":true,"destination":"https://k2bistro.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["875377074"],"4":["10-04"],"6":["true"]},"priority":"500","source_event_id":"10958392217573535969"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Oct 2023 09:29:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 09:29:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xcfc44c98fbf267370000000000000000","2":"0x2e5eeaf910cc89870000000000000000","3":"0xc624bafb0785b7f80000000000000000","4":"0x34f27cb9d048b1cd0000000000000000","5":"0x802a7038ca3408c90000000000000000"},"debug_key":"11551604343259840443","debug_reporting":true,"destination":"https://k2bistro.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["875377074"],"4":["10-04"],"6":["true"]},"priority":"500","source_event_id":"10958392217573535969"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EA96 1 KB
643 B 26ms
25ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 5661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 8572588318216509527
tpc.googlesyndication.com/simgad/4493115582661000015/ Frame B88E 41 KB
41 KB 74ms
74ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4493115582661000015/8572588318216509527?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2875dfcf82a06a69899d774bba9f7303ce5caf91767703cf8d9cca7a695948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41822
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 10:18:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 09:29:46 GMT

GET
DATA 200
OK truncated
/ Frame B88E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B88E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame D179 37 KB
14 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231002/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 19:38:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CC32 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 5661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6728956782142503545/ Frame 0DF3 55 KB
55 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6728956782142503545/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcf501df83d95d638a38936a42e0ff4db844bac5ef307e41d16ccc23a56d43c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:59:13 GMT
x-content-type-options: nosniff
age: 73833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56682
x-xss-protection: 0
last-modified: Tue, 03 Oct 2023 12:30:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 12:59:13 GMT

GET
H3 200 17228829525800751257
tpc.googlesyndication.com/simgad/ Frame 0DF3 4 KB
4 KB 24ms
24ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17228829525800751257?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4280e50a63f119c0a6357af6d881fb87c3ab8a89a22c2684cd72be6537fdd726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 07:30:16 GMT
x-content-type-options: nosniff
age: 179970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3974
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 11:00:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 07:30:16 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DF3 16 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 57812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 17:26:14 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DF3 15 KB
15 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 16:50:19 GMT
x-content-type-options: nosniff
age: 578367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Sep 2024 16:50:19 GMT

GET
DATA 200
OK truncated
/ Frame B88E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 433a5cb7b0a0ad42314acc6a198265549e1355a092ed15c175caf36d4070e0b4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
56ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 09:29:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0DF3 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05692ed05d33958c9e667f0b15a52e796d5b07307806296003272814c148b182

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame EA96 0
173 B 75ms
33ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEF6wJG1Tp3d60Ws-dKR35H0&google_cver=1&google_push=AXcoOmQSc4xVACjNXEYxeanFd0Yz2uOHLIdSEGHJP-Wv0N2tN9d8WZepaGcN6u0q6bjJtwYL6wCHh9ULpYKiioOhRNeKlTkdowQZyaYt
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=910339894&adf=2484202531&pi=t.aa~a.1977219284~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=j8DsPvmoS9&p=https%3A//www.belogo.ch&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA96
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEJ_JpGGD_SML1b5GrR07H5g&google_cver=1&google_push=AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI1F3ePa...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEJ_JpGGD_SML1b5GrR07H5g&google_cver=1&google_push=AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI1F3ePa3XLwMRQWlU_F&google_hm=mcPDSfRdQtibe4hOzIL...

170 B
188 B

34ms
34ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI1F3ePa3XLwMRQWlU_F&google_hm=mcPDSfRdQtibe4hOzILWVA==

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI1F3ePa3XLwMRQWlU_F&google_hm=mcPDSfRdQtibe4hOzILWVA==
date: Wed, 04 Oct 2023 09:29:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA96
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBPuVPKpeCSep5-okcOQH3o&google_cver=1&google_push=AXcoOmRgXtE64yJfURkab2Bzth_gzLZX6_w8D9gO5NlSlN8gvWB4GXkVlqhpr5G1fWEC3yWPnzp8c3Z8...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBPuVPKpeCSep5-okcOQH3o&google_cver=1&google_push=AXcoOmRgXtE64yJfURkab2Bzth_gzLZX6_w8D9gO5NlSlN8gvWB4GXkVlqhpr5G1fWEC3yWPnzp...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDMwODg2NTg1MjkxODMz&google_push=AXcoOmRgXtE64yJfURkab2Bzth_gzLZX6_w8D9gO5NlSlN8gvWB4GXkVlqhpr5G1fWEC3yWPnzp8c3Z8...

170 B
188 B

34ms
33ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDMwODg2NTg1MjkxODMz&google_push=AXcoOmRgXtE64yJfURkab2Bzth_gzLZX6_w8D9gO5NlSlN8gvWB4GXkVlqhpr5G1fWEC3yWPnzp8c3Z8MuyKzjNK5BonXPPK3nLZHh4u

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDMwODg2NTg1MjkxODMz&google_push=AXcoOmRgXtE64yJfURkab2Bzth_gzLZX6_w8D9gO5NlSlN8gvWB4GXkVlqhpr5G1fWEC3yWPnzp8c3Z8MuyKzjNK5BonXPPK3nLZHh4u
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA96
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEMDLVRNOAciw0TgfGy4i3zk&google_cver=1&google_push=AXcoOmQb7_yooC-Tw8EcwPUPTEbRlEkDXcuyD6GxPs6T8Dl6xHeMPGUnb...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQb7_yooC-Tw8EcwPUPTEbRlEkDXcuyD6GxPs6T8Dl6xHeMPGUnbc68vko5C_E5Qx9czWwNbTvmHdAYUtLFxyfr7laYVt_vqANK&google_hm=QlMuOTI2Mi0zZG...

170 B
188 B

39ms
38ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQb7_yooC-Tw8EcwPUPTEbRlEkDXcuyD6GxPs6T8Dl6xHeMPGUnbc68vko5C_E5Qx9czWwNbTvmHdAYUtLFxyfr7laYVt_vqANK&google_hm=QlMuOTI2Mi0zZGU3LTRmNWYtYmQ5OQ==

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQb7_yooC-Tw8EcwPUPTEbRlEkDXcuyD6GxPs6T8Dl6xHeMPGUnbc68vko5C_E5Qx9czWwNbTvmHdAYUtLFxyfr7laYVt_vqANK&google_hm=QlMuOTI2Mi0zZGU3LTRmNWYtYmQ5OQ==
Date: Wed, 04 Oct 2023 09:29:46 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame EA96 42 B
233 B 348ms
109ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEKQk0QPsbMdmAJvjQIS5xuQ&google_cver=1&google_push=AXcoOmTEoGfmR30hZz3KDl9u3CAwQWRZwAgb_SLs1iRbEH-Ak-8UcU6VaU_XpyFSxpYG-z-lUpKnIiXMRXQB8TS0MbqWY5OJTGLP3VMg3A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=910339894&adf=2484202531&pi=t.aa~a.1977219284~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2273&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=j8DsPvmoS9&p=https%3A//www.belogo.ch&dtd=13
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 09:29:46 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame EA96
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESED9mAd9KxzDk2Ywjf3XiwIA?ext-param=AXcoOmS_DAopTPRSZZKgQn5HoT-p0ym6fYnoWqedP5c0MHNxFz-xkom2Ep-rEy3xxQvXXZ7ad_ppc8BexthSXUDIfsp9hFtzavPU3uy2Zw&partner-tag=yande...
https://an.yandex.ru/mapuid/google/CAESED9mAd9KxzDk2Ywjf3XiwIA?redir-setuniq=1&ext-param=AXcoOmS_DAopTPRSZZKgQn5HoT-p0ym6fYnoWqedP5c0MHNxFz-xkom2Ep-rEy3xxQvXXZ7ad_ppc8BexthSXUDIfsp9hFtzavPU3uy2Zw&p...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESED9mAd9KxzDk2Ywjf3XiwIA&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
168 B

72ms
70ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 18 Sep 2024 09:29:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EA96
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEAyZMz2CPPds9qhaIKTc7Ew&google_cver=1&google_push=AXcoOmR-ctwlBRtKTkJ9u3s5At5AHOFvLtJSqu5FJlDAZGcrq-sgg123uLvVIOdjuEi...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-ctwlBRtKTkJ9u3s5At5AHOFvLtJSqu5FJlDAZGcrq-sgg123uLvVIOdjuEiSCEAPFTJ-QiZ7KKCntPdwNKcsVm5o_QHZHW6gnQ

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-ctwlBRtKTkJ9u3s5At5AHOFvLtJSqu5FJlDAZGcrq-sgg123uLvVIOdjuEiSCEAPFTJ-QiZ7KKCntPdwNKcsVm5o_QHZHW6gnQ

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 2b08f4dc.1f6fecec
date: Wed, 04 Oct 2023 09:29:46 GMT
x-bytefaas-request-id: 202310040929463B45A545014251D75246
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-53-41-84.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.1-51461813) (-)
x-parent-response-time: 94,23.53.41.84
server-timing: cdn-cache; desc=MISS, edge; dur=87, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310040929463B45A545014251D75246
x-cache-remote: TCP_MISS from a23-218-219-15.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR-ctwlBRtKTkJ9u3s5At5AHOFvLtJSqu5FJlDAZGcrq-sgg123uLvVIOdjuEiSCEAPFTJ-QiZ7KKCntPdwNKcsVm5o_QHZHW6gnQ
x-bytefaas-execution-duration: 3.61
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 8,23.218.219.15
x-tt-trace-host: 01fcd2230d245efa6f3fd569ff7230778b55ae64ac8145b0d2bbfdafb1c356c7afaddc16576ad9592b6ac1e3e691b125c7f49cf74fe68c1563357e297a4916a3ddf0eac952ad388a932a02ac0e4d6345298fb771d06cf8727fb67877a3d6355a7b2d4a8433f175916d113eb71dacc664de
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Wed, 04 Oct 2023 09:29:46 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame EA96 0
130 B 88ms
31ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvAGKSl1XK5LJzD2_olYHThSIpuoEl0j-p6lDEIU7EJYrdYPrHP1bN5Wk4dgZgV7ZKQ4jeAx05nw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B88E 33 KB
33 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 87628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 09:09:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 58EC 14 KB
1 KB 28ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=40496009&adf=3551923085&pi=t.aa~a.3476897752~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=1&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3069&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MedDQtk9NA&p=https%3A//www.belogo.ch&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 04 Oct 2023 09:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 07:39:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 Oct 2023 09:29:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 58EC 2 KB
897 B 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:22:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:22:24 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/ Frame 58EC 23 KB
9 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:20:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:20:39 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 58EC 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6883
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 07:35:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/ Frame 58EC 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231002/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 18:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 17 Oct 2023 18:21:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 58EC 0
0 29ms
27ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMblqOKcVyVXkTWIC_RObr1SZBoO-odswMlOARzmb2AgMDo_FfEag5bX2VnU3TDqhXFVp7MOMYGqwzng-3wehCEHMXHg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=40496009&adf=3551923085&pi=t.aa~a.3476897752~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2098&idt=1&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3069&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=MedDQtk9NA&p=https%3A//www.belogo.ch&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58EC 187 KB
59 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696246517909956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 09:29:46 GMT

GET
H3 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 58EC 36 KB
15 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 20:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 20:38:48 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC32
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEDNk_x2EoH4g10MijRiMheM&google_cver=1&google_push=AXcoOmRD8w9rmxxM4AzIGh08z5RONOMZVcvI7oBY5IqXDW7TQ4BdZCFUXKJY56KIJEo0BPbHLzI9yPd4AsxZkaL2EsYGw8s4QJRFJg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4353F35E52924D5C82FCB497561B6210&google_push=AXcoOmRD8w9rmxxM4AzIGh08z5RONOMZVcvI7oBY5IqXDW7TQ4BdZCFUXKJY56KIJEo0BPbHLzI9yPd4AsxZkaL...

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4353F35E52924D5C82FCB497561B6210&google_push=AXcoOmRD8w9rmxxM4AzIGh08z5RONOMZVcvI7oBY5IqXDW7TQ4BdZCFUXKJY56KIJEo0BPbHLzI9yPd4AsxZkaL2EsYGw8s4QJRFJg

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 09:29:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4353F35E52924D5C82FCB497561B6210&google_push=AXcoOmRD8w9rmxxM4AzIGh08z5RONOMZVcvI7oBY5IqXDW7TQ4BdZCFUXKJY56KIJEo0BPbHLzI9yPd4AsxZkaL2EsYGw8s4QJRFJg
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 03 Oct 2023 09:29:46 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC32
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESECwCHnNovmB6eqcB4vp1JCU&google_cver=1&google_push=AXcoOmQxrVNb1nUSQhAn6YbMDZgkFmn9Yg0aJxo-b6rnYKqMCKoxWfH7c0vou4o_--aEgIZsuTMjb...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQxrVNb1nUSQhAn6YbMDZgkFmn9Yg0aJxo-b6rnYKqMCKoxWfH7c0vou4o_--aEgIZsuTMjbJwGyTswx9hVUIwP086FspxRAA

170 B
188 B

34ms
33ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQxrVNb1nUSQhAn6YbMDZgkFmn9Yg0aJxo-b6rnYKqMCKoxWfH7c0vou4o_--aEgIZsuTMjbJwGyTswx9hVUIwP086FspxRAA

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 09:29:46 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C934201B3A1345B681EF5D3FF2B477A0 Ref B: ZRHEDGE1512 Ref C: 2023-10-04T09:29:46Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQxrVNb1nUSQhAn6YbMDZgkFmn9Yg0aJxo-b6rnYKqMCKoxWfH7c0vou4o_--aEgIZsuTMjbJwGyTswx9hVUIwP086FspxRAA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYG4KXyg810HgQ88IGsaw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC32
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESELTj76lNG4cHc14yidZwTiA&google_cver=1&google_push=AXcoOmQCLa37rr5E_a-b9mkux4-6Nny7J_5bVln2qYpCzgjWeJ-4bbk9UpiJ4lsHyUJIPLcB9k66jQMBwoaXSSFboLOe9oUTUazv
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REIwRTc0ODY5NjZCNzYxRA==

170 B
188 B

34ms
34ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REIwRTc0ODY5NjZCNzYxRA==

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=REIwRTc0ODY5NjZCNzYxRA==
date: Wed, 04 Oct 2023 09:29:47 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC32
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGK0QoZl3erRM9YQKBCVkGo&google_cver=1&google_push=AXcoOmSpq2CAWrK3T2z9h6tDjtKcGQwFWleKkb_QVBYHiie1UqZhob0mfnl1y7I7cK6jfOg9Ghj8M24ctPN52iOB...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=I2BaSS-SQzUgcM2bsI8liw&google_push=AXcoOmSpq2CAWrK3T2z9h6tDjtKcGQwFWleKkb_QVBYHiie1UqZhob0mfnl1y7I7cK6jfOg9Ghj8M24ctPN52iOB27ZfUXvpfsTACg

170 B
188 B

37ms
37ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=I2BaSS-SQzUgcM2bsI8liw&google_push=AXcoOmSpq2CAWrK3T2z9h6tDjtKcGQwFWleKkb_QVBYHiie1UqZhob0mfnl1y7I7cK6jfOg9Ghj8M24ctPN52iOB27ZfUXvpfsTACg

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 04 Oct 2023 09:29:46 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=I2BaSS-SQzUgcM2bsI8liw&google_push=AXcoOmSpq2CAWrK3T2z9h6tDjtKcGQwFWleKkb_QVBYHiie1UqZhob0mfnl1y7I7cK6jfOg9Ghj8M24ctPN52iOB27ZfUXvpfsTACg
x-host: tde-deliveryengine-production-8b9d7bc7f-5nlfj
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC32
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQnHLbo...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQnHLbo...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMDQwOTI5NDcwMDAxMzQzODY5NzY1MQ%3D%3D&google_push=AXcoOmQnHLbogNQnOEsxXKpFuawFqRbYeKg3y_X71oaKQ1H71lk05gveMsejHw0ok0XSMK...

170 B
188 B

44ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMDQwOTI5NDcwMDAxMzQzODY5NzY1MQ%3D%3D&google_push=AXcoOmQnHLbogNQnOEsxXKpFuawFqRbYeKg3y_X71oaKQ1H71lk05gveMsejHw0ok0XSMK7Z2VMSmEdHU0ufPWZI1KUYyVLg4-HWAg

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEwMDQwOTI5NDcwMDAxMzQzODY5NzY1MQ%3D%3D&google_push=AXcoOmQnHLbogNQnOEsxXKpFuawFqRbYeKg3y_X71oaKQ1H71lk05gveMsejHw0ok0XSMK7Z2VMSmEdHU0ufPWZI1KUYyVLg4-HWAg
pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Wed, 04 Oct 2023 09:29:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC32
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIH3w6Ho0mi9y8RuYk5DhjY&google_cver=1&google_push=AXcoOmSE_GIeaflhvyRzy1VlLRYJj93Hsl0qji-AcpjgSuSLpmtqPxYrv1JIUfqR-7EsHPD_nE_Z4uS_8VaR...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSE_GIeaflhvyRzy1VlLRYJj93Hsl0qji-AcpjgSuSLpmtqPxYrv1JIUfqR-7EsHPD_nE_Z4uS_8VaR6UDGIOjW83LAbSXDAg

170 B
188 B

32ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSE_GIeaflhvyRzy1VlLRYJj93Hsl0qji-AcpjgSuSLpmtqPxYrv1JIUfqR-7EsHPD_nE_Z4uS_8VaR6UDGIOjW83LAbSXDAg

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSE_GIeaflhvyRzy1VlLRYJj93Hsl0qji-AcpjgSuSLpmtqPxYrv1JIUfqR-7EsHPD_nE_Z4uS_8VaR6UDGIOjW83LAbSXDAg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame CC32
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEO8ADIaJn9vd...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NDg1OTgxMzYtOWM0Ni00NzkzLTkyNWUtNjAxNThiYWI0ZTI5&google_push=AXcoOmT4V_HomqA87yERsN9roQq-wN6RSqLOZujB6gT5pK3YbT6jAQXpR8N1YXoHH9mwS...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

113ms
113ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.belogo.ch
URL: https://www.belogo.ch/
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

expires: Wed, 04 Oct 2023 09:29:47 GMT
pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CC32 0
40 B 31ms
30ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqLvxo-ySWAn6siDF_55HX8g4-Tl9XEJuj_2KFffJYphRbyDKnsYqlQPF72Ce_NvTXjzHoJA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0DF3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CWU52iTAdZfTdJP2GjuwPs8qq6Ae5mbujc4mC6-ueEtvZHhABIO_OsVBg9ZXOgeAEoAH48_XOKcgBCakCKJVSx_xNjj6oAwHIA8sEqgSOAk_QJUSfdAK7PuXAVkm4Kh_1TEqUrR7tuvF9LN9...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0fe59c91a7ed19a0000000000000000%22,%222%22:%220x2214dfa036f9439e0000000000000000%22,%223%22:%220xeec056...

0
0

59ms
58ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xf0fe59c91a7ed19a0000000000000000%22,%222%22:%220x2214dfa036f9439e0000000000000000%22,%223%22:%220xeec056669cf4b3d80000000000000000%22,%224%22:%220x6ea7d609048f31260000000000000000%22,%225%22:%220x5b1461af9634db90000000000000000%22},%22debug_key%22:%2217645384148658273458%22,%22debug_reporting%22:true,%22destination%22:%22https://drhausmeister.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211171363320%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218225023473762066145%22}&andc=true

Requested by

Host: www.belogo.ch
URL: https://www.belogo.ch/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xf0fe59c91a7ed19a0000000000000000","2":"0x2214dfa036f9439e0000000000000000","3":"0xeec056669cf4b3d80000000000000000","4":"0x6ea7d609048f31260000000000000000","5":"0x5b1461af9634db90000000000000000"},"debug_key":"17645384148658273458","debug_reporting":true,"destination":"https://drhausmeister.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11171363320"],"4":["10-04"],"6":["true"]},"priority":"500","source_event_id":"18225023473762066145"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Oct 2023 09:29:46 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 09:29:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xf0fe59c91a7ed19a0000000000000000","2":"0x2214dfa036f9439e0000000000000000","3":"0xeec056669cf4b3d80000000000000000","4":"0x6ea7d609048f31260000000000000000","5":"0x5b1461af9634db90000000000000000"},"debug_key":"17645384148658273458","debug_reporting":true,"destination":"https://drhausmeister.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11171363320"],"4":["10-04"],"6":["true"]},"priority":"500","source_event_id":"18225023473762066145"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame C7AA 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8864388490249032&output=html&h=280&adk=2119092829&adf=1056625411&pi=t.aa~a.2857851930~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696404585&rafmt=1&to=qs&pwprc=4234865788&format=1200x280&url=https%3A%2F%2Fwww.belogo.ch%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696411785559&bpp=1&bdt=2099&idt=-M&shv=r20231002&mjsv=m202309290901&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1e8bb31ae6544c17-226ec0db26df0089%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_MZaQRX7-w1XwUy4q8MRLEOK1JFFsw&gpic=UID%3D00000c8bdb7b8a9c%3AT%3D1696411784%3ART%3D1696411784%3AS%3DALNI_Mbb-chH_p0apkmtI-0PLTRfTGiREA&prev_fmts=0x0%2C1200x280&nras=3&correlator=7558065167283&frm=20&pv=1&ga_vid=1718403013.1696411784&ga_sid=1696411784&ga_hid=309146355&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31078421%2C44769661%2C21065725&oid=2&pvsid=57404263805121&tmod=1181534078&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=6H6RzbEt6i&p=https%3A//www.belogo.ch&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 19:38:27 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CEA5 1 KB
643 B 28ms
27ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 5661
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 07:55:25 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 07:55:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 1866 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 19:38:27 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15053338321979453435/ Frame 58EC 37 KB
37 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15053338321979453435/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29d32a859f298d3c715ca38e8a75ed8dbe2003c7124955df9f7fe4a7e79c1c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 06:41:09 GMT
x-content-type-options: nosniff
age: 96517
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37523
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 12:26:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 06:41:09 GMT

GET
DATA 200
OK truncated
/ Frame 58EC 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 58EC 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 60ms
59ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 09:29:46 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 58EC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96d46104395cae81aa3fba89c3d98a83661c2720210e6180e5e59edac39b151d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 58EC 33 KB
33 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 87628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 09:09:18 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CEA5
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKCqMjNjdnF0IHmKNEMnoqc&google_cver=1&google_push=AXcoOmRVxZaVktRplkiwULRQn1QU_k2T7vXCh_xg8t3pMsYFpcauauj71JiRv64eRrKsQUkHDQ3ofrxv1-QPtPOlha3-FqZaZ0RlOH8
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzU0NzY5MTkwMjQ2MzI2MjAwMA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKCqMjNjdnF0IHmKNEMnoqc&google_cver=1

43 B
398 B

63ms
40ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKCqMjNjdnF0IHmKNEMnoqc&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEKCqMjNjdnF0IHmKNEMnoqc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame CEA5 35 B
464 B 71ms
22ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHpm2WZpnwDa69Xw90Ypims&google_cver=1&google_push=AXcoOmSLsRdynPteovId4uyzQF7P2OMftrB3mErL-DUif-9ym5VxzHaT08CR0wn7ma0SbeDFMwZzaY8RlUn39bRYJRoKz54Hx5hPc5Xr

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEA5
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEDPVlbvQdZl5611fctDAZJk&c_param1=AXcoOmQESYYBmyXMxPnClf_LGzXVYGLwxfQEvyVTEbQfT5MCrZ8X8kYxarqwD4WrQcQRDQJAuo554gjzw2VzHUqUXrPAsuNjFZiTRTdK&gdpr=%%GDP...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQESYYBmyXMxPnClf_LGzXVYGLwxfQEvyVTEbQfT5MCrZ8X8kYxarqwD4WrQcQRDQJAuo554gjzw2VzHUqUXrPAsuNjFZiTRTdK

170 B
188 B

35ms
33ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQESYYBmyXMxPnClf_LGzXVYGLwxfQEvyVTEbQfT5MCrZ8X8kYxarqwD4WrQcQRDQJAuo554gjzw2VzHUqUXrPAsuNjFZiTRTdK

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQESYYBmyXMxPnClf_LGzXVYGLwxfQEvyVTEbQfT5MCrZ8X8kYxarqwD4WrQcQRDQJAuo554gjzw2VzHUqUXrPAsuNjFZiTRTdK
date: Wed, 04 Oct 2023 09:29:47 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEA5
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEB9D-UPQU_FbU4TCIIip7c0&google_cver=1&google_push=AXcoOmTt6U6DN_CGtiAF_j_NJrIH5TjLpEBKy9LmZmY6zz8ieKw2xWAoxauDu3UWwmbthSB4CVRArF05...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDMwODg2NTg1MjkxODMz&google_push=AXcoOmTt6U6DN_CGtiAF_j_NJrIH5TjLpEBKy9LmZmY6zz8ieKw2xWAoxauDu3UWwmbthSB4CVRArF05...

170 B
188 B

35ms
34ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDMwODg2NTg1MjkxODMz&google_push=AXcoOmTt6U6DN_CGtiAF_j_NJrIH5TjLpEBKy9LmZmY6zz8ieKw2xWAoxauDu3UWwmbthSB4CVRArF05JYZc8UrzgXzS2XwvcCQtmnQW

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTgyMDMwODg2NTg1MjkxODMz&google_push=AXcoOmTt6U6DN_CGtiAF_j_NJrIH5TjLpEBKy9LmZmY6zz8ieKw2xWAoxauDu3UWwmbthSB4CVRArF05JYZc8UrzgXzS2XwvcCQtmnQW
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEA5
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESENNKryAX0PlF_CMGMo6TJuA&google_cver=1&google_push=AXcoOmSMMoLNlHivutAywhgIx9iNO5GDIz-lVsjozM6ZmrvQtFx-u_SQn-2ah3VKpgkR7pDLZjuwIGbgvXNpK...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESENNKryAX0PlF_CMGMo6TJuA&google_push=AXcoOmSMMoLNlHivutAywhgIx9iNO5GDIz-lVsjozM6ZmrvQtFx-u_SQn-2ah3VKpgkR7pDLZjuwIGbgvXNpK...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSMMoLNlHivutAywhgIx9iNO5GDIz-lVsjozM6ZmrvQtFx-u_SQn-2ah3VKpgkR7pDLZjuwIGbgvXNpKlLgnNUGSFrKhIUswyMA&google_hm=Wk55Z2k2R3h2Unhw...

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSMMoLNlHivutAywhgIx9iNO5GDIz-lVsjozM6ZmrvQtFx-u_SQn-2ah3VKpgkR7pDLZjuwIGbgvXNpKlLgnNUGSFrKhIUswyMA&google_hm=Wk55Z2k2R3h2UnhwdFp5NzFpcDc=

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 04 Oct 2023 09:29:47 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSMMoLNlHivutAywhgIx9iNO5GDIz-lVsjozM6ZmrvQtFx-u_SQn-2ah3VKpgkR7pDLZjuwIGbgvXNpKlLgnNUGSFrKhIUswyMA&google_hm=Wk55Z2k2R3h2UnhwdFp5NzFpcDc=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 240
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CEA5
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELFOF-D0WSVP_LcdNEZ0Huc&google_cver=1&google_push=AXcoOmTBkIE7cuSEala_GrNQJSj4cSt_fwz_oEzfc67E139QNG9umnz9Z9YSQo1VIb7hBtFXMDDUw-sHpVgn...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTBkIE7cuSEala_GrNQJSj4cSt_fwz_oEzfc67E139QNG9umnz9Z9YSQo1VIb7hBtFXMDDUw-sHpVgntFN-YIBJCsZnRf6ZFSqG

170 B
188 B

33ms
32ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTBkIE7cuSEala_GrNQJSj4cSt_fwz_oEzfc67E139QNG9umnz9Z9YSQo1VIb7hBtFXMDDUw-sHpVgntFN-YIBJCsZnRf6ZFSqG

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTBkIE7cuSEala_GrNQJSj4cSt_fwz_oEzfc67E139QNG9umnz9Z9YSQo1VIb7hBtFXMDDUw-sHpVgntFN-YIBJCsZnRf6ZFSqG
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame CEA5
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEBbog6nunttfRPFPGGDwSdk?ext-param=AXcoOmQH_wSIOr59yOxOBo4RpZ4y0BFQPIgKgBio6390HRkom8VJGjah_y6D03aio6z_8dw6BA31-sgFYxsREqIEE0IiZeMoxWTe5pxrYQ&partner-tag=yande...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEBbog6nunttfRPFPGGDwSdk&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
78 B

77ms
76ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 18 Sep 2024 09:29:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CEA5 0
12 B 33ms
31ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KRTZY4iApefzEFJa4WrZgjzIj9g5qF120_FHeiMf4lomn8GoIT2Kown7gLvsF2rqliiurfNQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 58EC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj8mwiTAdZZ7oJOOzjuwP2tibkArmlbq5bMXduOG1EGQQASDvzrFQYPWVzoHgBKABytq36gLIAQmpAp-bbFKUM7I-qAMByAPLBKoE_QFP0H1FXoQTU7xxTRWcWFyEhdrljeFPDp5nVgg3eZh...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x95f04b04e1c066ce0000000000000000%22,%222%22:%220x8e12cc2ec76095190000000000000000%22,%223%22:%220xa7b265...

0
0

62ms
61ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x95f04b04e1c066ce0000000000000000%22,%222%22:%220x8e12cc2ec76095190000000000000000%22,%223%22:%220xa7b2656f57dfb6900000000000000000%22,%224%22:%220xcde537942f6419a60000000000000000%22,%225%22:%220xaf7dc5c9465131300000000000000000%22},%22debug_key%22:%2217178879929736268608%22,%22debug_reporting%22:true,%22destination%22:%22https://telepski-treuhand.ch%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22760081738%22],%224%22:[%2210-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223302909064296342225%22}&andc=true

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:47 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x95f04b04e1c066ce0000000000000000","2":"0x8e12cc2ec76095190000000000000000","3":"0xa7b2656f57dfb6900000000000000000","4":"0xcde537942f6419a60000000000000000","5":"0xaf7dc5c9465131300000000000000000"},"debug_key":"17178879929736268608","debug_reporting":true,"destination":"https://telepski-treuhand.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["760081738"],"4":["10-04"],"6":["true"]},"priority":"500","source_event_id":"3302909064296342225"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 04 Oct 2023 09:29:47 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 04 Oct 2023 09:29:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x95f04b04e1c066ce0000000000000000","2":"0x8e12cc2ec76095190000000000000000","3":"0xa7b2656f57dfb6900000000000000000","4":"0xcde537942f6419a60000000000000000","5":"0xaf7dc5c9465131300000000000000000"},"debug_key":"17178879929736268608","debug_reporting":true,"destination":"https://telepski-treuhand.ch","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["760081738"],"4":["10-04"],"6":["true"]},"priority":"500","source_event_id":"3302909064296342225"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 111ms
71ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231002&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baab9af0b867370dbcec9d946f9488da7ee4c5e256d0c7ee89ccc2bba731066c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12311
x-xss-protection: 0

GET
H3 200 fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js Show response
pagead2.googlesyndication.com/bg/ Frame 3DD1 37 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fKmd0_GjkmbwxuPCHGJrquWY3DKtsFUpFSxCST8vOts.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 19:38:27 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 56ms
56ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 Oct 2023 09:29:47 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 137ms
136ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309290901/show_ads_impl_fy2021.js?bust=31078421

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 09:29:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F9A3 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxu9gEFLsvkcLD7FGsONuFJrz0TKm6YAnoxDmCoIrpLZPlxNOSXDESUmregQBygbwdlyTyMOEbWWfeOmvqxAnGHaNJw_W3vj9zNL6Zz8IOEU78qyN5rwa_QSiuQa9NKQmG6c2qi4j1Lw&sai=AMfl-YQnYp67SK1AzjJobEjfqbeiQKhsumAO3SHAUDER3VbDc_a3A1a7xtfNFu2MEzUAvmtVl2tu--wX0Pzuhj01fHK1ziUeeYcv9Tu5zrFGmWO8BXKf7dGNdwQcW3eC_4lo4ATP2wYOqSmgswFc&sig=Cg0ArKJSzEqqOsXvwlu6EAE&cid=CAQSSwDICaaNkZniD4B01Rlot9gJ27OZ6Xmx8Wu5maj15braaEaElw1GtHtSwPledML5Nn88qJoliAROG3V44aDswFcrd3oeb1UATm37OxgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=229,884,1000,1082,1082&tos=229,655,116,82,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696411785670&rpt=425&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A304 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 2597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 08:46:30 GMT
expires: Thu, 03 Oct 2024 08:46:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 68A2 829 B
559 B 31ms
30ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e285fb9a50489553843f1ce98632c2218c239317f42b3db42ce4627e2c2c2750

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-weNxOe3idGZKhudnvCnDzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.belogo.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-weNxOe3idGZKhudnvCnDzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 09:29:47 GMT
expires: Wed, 04 Oct 2023 09:29:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FCF2 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssj4z_zpYgmhdpuDC7TON5zDm3lRvRjEDNI2d4YNP_e-E_tQuHGhsOSP2akAqQAX-SyUeqYw1qA9I-reSUcrRTIOCUcFEwTWJ92eeFr3ZJ4lojVXt3_BhLubmCtl2LpBcUULVxO-0-kNw&sai=AMfl-YQsxrw3rzz4cB-lMCSgkuTbKqFURaM283VRPUzi5KPT7TIOkJsr5Wsrl41G7EN4j43xY6ECTg8Ue4PLu5z-e4IW1uRWWguAWPRiBW4-Q7MI0n-USit-EwiAF6IVN18nr4gT56x7jWrnJTdS&sig=Cg0ArKJSzOkKO_y9g6pzEAE&cid=CAQSSwDICaaNkZniD4B01Rlot9gJ27OZ6Xmx8Wu5maj15braaEaElw1GtHtSwPledML5Nn88qJoliAROG3V44aDswFcrd3oeb1UATm37OxgB&id=lidar2&mcvt=1008&p=0,0,600,200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231002&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696411785667&rpt=506&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Oct 2023 09:29:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js Show response
pagead2.googlesyndication.com/bg/ Frame A304 37 KB
14 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BAadeGEE1qHjsQ6c_rqFtjeXulPdvwUFIKdhRpM9mgY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:46:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2597
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14550
x-xss-protection: 0
last-modified: Mon, 25 Sep 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 03 Oct 2024 08:46:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 68A2 0
0 54ms
53ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231002&jk=57404263805121&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/ Frame 4BC6 999 B
336 B 20ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7869e738c989ba6a596def04580a125181c2ac1c0c7048a600cb3461f2ee9b24

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Oct 2023 17:09:24 GMT
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 txt2@2x.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 1 KB
1 KB 28ms
28ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/txt2@2x.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

192c7cda7e23ee21d2f098f41ccec79ebf700f19e73d98d2af38dc82b2e3948e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1483
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 txt3@2x.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 1 KB
1 KB 43ms
41ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/txt3@2x.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

130617c97bb88a511e4e3bf08ed79dae949dc2e83d41d5964976bf92f87cf770

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1482
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 txt4@2x.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/txt4@2x.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec5c4d05328aab9ff726e6d8f8c6b5f2d7230b60ffd5408f7215cfe9188a7f6b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1854
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 txt5@2x.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 5 KB
5 KB 30ms
28ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/txt5@2x.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

486eefc942fbbbc261ab792d1ad5d0a5d75214148ad601245b3e40c1d18056f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4897
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 subline@2x.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 765 B
803 B 42ms
41ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/subline@2x.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39a0d583d6e6faa94f45308e92316d0f68bb2b9e35ce29c8048e8541e497145d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 765
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 stoerer@2x.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 2 KB
2 KB 39ms
38ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/stoerer@2x.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c04be49c9678138a4b892d8403040e16d9304e9f5602ac50ae9cd3f367a697

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1712
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 bg2@2x.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 20 KB
20 KB 30ms
29ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/bg2@2x.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9983798b1537051290e6d9e94dfce801a5ff67f8d2fb5e88c9da6d8753d89d7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20169
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 bg3@2x.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 15 KB
15 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/bg3@2x.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef85316228df4e8d1554c98fbe6802f66c9db1882d6c5ff456206dbe2f4b8b58

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15385
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 200 bg4@2x.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/ Frame 4BC6 15 KB
15 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/img/bg4@2x.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45c5b1b721d1bdd6bda31ae9cb3ea8d9ea50b724d033ddb20dd18a822c98284

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2605918907876511121/HMCH_KONA_Roadshow_DE_Leaderboard_728x90/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 02 Oct 2023 17:09:24 GMT
x-content-type-options: nosniff
age: 145223
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15693
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 12:48:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 01 Oct 2024 17:09:24 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A304 0
12 B 39ms
38ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_7NgaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 09:29:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
56ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231002&jk=57404263805121&bg=!5Oel56jNAAYEJRtnJCU7ADQBe5WfOIev04HDu-GFjp0DDZcLtspj7BNOWwByrvpVs03_sLzhNTM3XU_3SziKrbwdA8khAgAAAKFSAAAACGgBBwoAtpFtM0t92fp1Lbxjkz293xnyrnjkF9qKI7rrkJ1mHomOTHNvWLyKF0bv3Hdrg0YWSlUDXnOfvJdHDnupJ62jpPQmL0lF7bE9BNCvclfs17jdymfKOVZdwjwBBHCV5XSuqNYAQ4GmnbNPp3MXwWbLzhXdreFJXwp83vqXIyyqQHWtwUCd-1CHdA6Mfuh8dAAd0PgGPRDwJq63rDK2Ie_L-k62i9RW_ICgoYMhLDOJCA6q7ND1DeiamQKoMpN5qnGN_BT38je0Wczup-X_LbAVrS3mb2x3SDQDgGCwlhCEIOOL3m5NyDyiUdxhMOqVwIsr1dZX8YFQDW5PFMWRaYRt3Z8FAWtOMTxHHciMBthdN2VrafeATkRES0LgXLxLGO8wQkrP7C55iv7aUmWm3Pc8obgCe2QHxT4yYjZ0mE-kfBD1eDAp4GF9YO2lksJlK2a1uNBGj4I9Gl1cMfRzMFiPQmBfDK9P0IjWACKFLY_V5ePiKcAz96ab8LSmRHMYaiZIvX7g8c9MIYOuvjsw-BT_YJB6g7zjOG24b2ciqzzo8vOPB6AnKsxmuTMlgzkHUBChioLwk7zfT4r7sggyRRuGlrgGeWxlOCvZPCJVi6wnrpfYfVMA32nQdGR_CizNBeX2bI3N-rODAhq2Dz_zHi7nuh8wLtWtcl8Uc1CI7sh0p41WgoNFYT8rSsEddpOxfwCoonkNDDgh3C54YYQzu1TFYfgLjB_5PY2xg1KD6Sud9M92nxB0kpsYvXvbx35Gh8I5pTMm9ns8sQylcPnJwX5L-BM6_Jn4g3BASOF0H-7FeV8LV3VLQdsAiHlZG5Qd7EQtMgT4q66zVwP6ywWfO3n6Rw-6nR2WCKD4h9Zpyv-CjydyiBBeMR2mLpQqS_0tijDPF-0MEf8A-3gQuCrpBTWc6r3HyZ8bnGoNdPcst89mo1tEYvHtbt-BJZBQYjOrQsfstrf6FV6jEgpiCS1o-_rw2XVpGrj6fi5kyroVg7wH5KGo7wowykWDMJVz2D5sU5m1Zcjp0tS4yjy_CuGWtqWzGSd2jfzOm5_rZ594culWmZInvm0fzAehv-v5mwwLVs6Ft7A2XOJY70XmCtMMlgPrydbCsgJPSXAE7HvYpEOr41c-_kdOjqDKbRaMpGjLb-3VQ0o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.belogo.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.belogo.ch/	1970-01-21 00:49:31	Name: _ga Value: GA1.2.1718403013.1696411784
.belogo.ch/	1970-01-20 15:14:58	Name: _gid Value: GA1.2.225635729.1696411784
.belogo.ch/	1970-01-20 15:13:31	Name: _gat Value: 1
.belogo.ch/	1970-01-21 00:35:07	Name: __gads Value: ID=6fd81bbad02af255:T=1696411784:RT=1696411784:S=ALNI_MbBUXgb3piNS-A2hsDNQxFSf66g0w
.belogo.ch/	1970-01-21 00:35:07	Name: __gpi Value: UID=00000c8bdb6ad0fe:T=1696411784:RT=1696411784:S=ALNI_Mai5p2YXSDlUJapKAcv0na1qSPLtQ
.googleadservices.com/	1970-01-20 17:23:07	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 00:49:31	Name: IDE Value: AHWqTUlGqWxWTSFkH0BetW0WU9rY_0lM0t_Lzic_sC5gFKFjgD8yajIp8g7L84J4bCs
.blismedia.com/	1970-01-20 23:59:11	Name: b Value: 651D308A1760EAE1E99C5B26BLIS
.bidswitch.net/	1970-01-20 23:59:07	Name: tuuid Value: 99c3c349-f45d-42d8-9b7b-884ecc82d654
.bidswitch.net/	1970-01-20 23:59:07	Name: c Value: 1696411786
.bidswitch.net/	1970-01-20 23:59:07	Name: tuuid_lu Value: 1696411786
.adform.net/	1970-01-20 15:58:10	Name: C Value: 1
.bidswitch.net/	1970-01-20 15:13:32	Name: google_push Value: AXcoOmR-vzX96Zuwuyr7otwEim8H9vRlZXjdVGlmwgmpzMMleaoV92nFL1Mrk9YQPQXFw9DEQJFquviYPZooWI1F3ePa3XLwMRQWlU_F
.travelaudience.com/	1970-01-21 00:45:12	Name: _tracker Value: %7B%22UUID%22%3A%2223605A49-2F92-4335-2070-CD9BB08F258B%22%7D
.yandex.ru/	1970-01-21 00:49:31	Name: yuidss Value: 8496312231696411786
.yandex.ru/	1970-01-21 00:49:31	Name: yandexuid Value: 8496312231696411786
.adform.net/	1970-01-20 16:39:55	Name: uid Value: 582030886585291833
.simpli.fi/	1970-01-21 00:00:34	Name: suid Value: 4353F35E52924D5C82FCB497561B6210
.teads.tv/	1970-01-20 23:57:41	Name: tt_viewer Value: 48598136-9c46-4793-925e-60158bab4e29
.linkedin.com/	1970-01-20 23:59:07	Name: bcookie Value: "v=2&ce6006b5-aa97-474b-86b1-3a67b22ef6bf"
.linkedin.com/	1970-01-20 19:32:43	Name: li_gc Value: MTswOzE2OTY0MTE3ODY7MjswMjFqcYg+//c39NHYOBle2038IsBTkJwlVP7zkgXWBeBd0g==
.linkedin.com/	1970-01-20 15:14:58	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2666:u=1:x=1:i=1696411786:t=1696498186:v=2:sig=AQEGBMJ_wf9PNuaXENtOaFPigE7ndzi4"
.e.dlx.addthis.com/	1970-01-21 00:43:46	Name: na_tc Value: Y
.quantserve.com/	1970-01-20 17:23:07	Name: d Value: ED8BCQGNKoEA
.quantserve.com/	1970-01-21 00:43:46	Name: mc Value: 651d308b-04202-781fd-42788
.uuidksinc.net/	1970-01-20 23:59:07	Name: jcsuuid Value: arrcYTh9lRNz0jiT8ytW
.turn.com/	1970-01-20 19:32:43	Name: uid Value: 3547691902463262000
fksnk.com/	1970-01-20 15:23:36	Name: AWSALBCORS Value: aYuqTIQ87o1AibpNDGM3IgYXRZtgWn5U8mdE8yyVEdTa/1ltEJt4Hw8o6HEtkxsSPQ2khcs6PhMj967hvYdLpro9fjNkkYsXDz2ySgmDKsyRdOISN7RN8k9DYdkq
.fksnk.com/	1970-01-20 17:23:07	Name: f_001 Value: DB0E7486966B761D
.fksnk.com/	1970-01-20 15:14:58	Name: g_001 Value: 1
.addthis.com/	1970-01-21 00:43:46	Name: na_id Value: 2023100409294700013438697651
.addthis.com/	1970-01-21 00:43:46	Name: na_tc Value: Y
.addthis.com/	1970-01-21 00:43:46	Name: uid Value: 651d308b9c3621a5
.addthis.com/	1970-01-21 00:43:46	Name: ouid Value: 651d308b00019ea8566d49239e1081f6307817978c2afdf2e7be
.dlx.addthis.com/	1970-01-20 15:56:43	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 15:56:43	Name: na_sr Value: 20231004
.dlx.addthis.com/	1970-01-20 15:13:31	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 15:56:43	Name: na_sc_e Value: 0
.zemanta.com/	1970-01-20 23:59:07	Name: zuid Value: ZNygi6GxvRxptZy71ip7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
an.yandex.ru
analytics.pangle-ads.com
b1sync.zemanta.com
belogo.ch
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
e.dlx.addthis.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
im.bluevoox.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
px.ads.linkedin.com
r.turn.com
rtb2-useast.e-volution.ai
s.uuidksinc.net
s0.2mdn.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
www.belogo.ch
www.google-analytics.com
www.google.ch
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.186.130
172.217.18.2
174.137.133.49
18.213.189.173
185.196.197.130
2.16.97.41
2001:678:cb4:bbbb::11
213.239.197.61
23.212.211.126
23.53.41.88
2606:4700::6811:180e
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2a00:1450:4001:809::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2006
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9a
2a02:6b8::90
3.123.242.198
34.96.105.8
35.190.0.66
35.204.74.118
37.157.6.232
51.89.9.253
52.45.175.185
64.202.112.95
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
04069d786104d6a1e3b10e9cfeba85b63797ba53ddbf050520a76146933d9a06
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04e482fe797af14d41a4a9782b64a26f1706b637cb1bf823031e60e62bc7cabb
05692ed05d33958c9e667f0b15a52e796d5b07307806296003272814c148b182
08d27f460466e4b36d9eb2cfef27e442ca206f87d6cbb157f98c16704c999a2a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f3e7e4687148d9b184dedbd7f244139334a700568fdfd952e54c8a465e3acd8
130617c97bb88a511e4e3bf08ed79dae949dc2e83d41d5964976bf92f87cf770
13d2265891cb867ce6cf28a52d35903dc2ec32fc0c397cd549019c968c699338
15dc3ec728059bc225377d6ba898e86c7875f13b6607abfaef87b89eeed62533
184677597efe3e9cca3b6743119d49e675395131de577d056ab43c2961681073
192c7cda7e23ee21d2f098f41ccec79ebf700f19e73d98d2af38dc82b2e3948e
19aaa87c8184f65551d5c44d78d03aa8230d28c7c04d142f731f0fa129fd9cdb
1a8f548a36437ec684a0dab93a1a5f2c4d4fae8b5f8880629b20fe35bd718c55
1d973932dc866346764642cb860ab9e9ac5dd0b6f96cf1eb9279a2fa6e9dffba
1faf126bdd114eab0a2c2cead06889c3c90cb5dcee17634cec3117a70f2bfd1c
2856eb5f210716db027cd2f44fbaf05b50fa65df0330847e528f2cb4bf731991
29c04be49c9678138a4b892d8403040e16d9304e9f5602ac50ae9cd3f367a697
29d32a859f298d3c715ca38e8a75ed8dbe2003c7124955df9f7fe4a7e79c1c83
2c9009aa7edf81751484121ab06967ffdca211c00fbd155680b37c07f41c897c
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
39a0d583d6e6faa94f45308e92316d0f68bb2b9e35ce29c8048e8541e497145d
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b1ab917c7da8e45e24d8eea1c130fa25ce01e422fb747eea8163a06e07e84bb
3d6e57ecf184d9aba744af4de5a99f0804348b87085fb6355fc4ca35e2982641
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
4280e50a63f119c0a6357af6d881fb87c3ab8a89a22c2684cd72be6537fdd726
433a5cb7b0a0ad42314acc6a198265549e1355a092ed15c175caf36d4070e0b4
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4755a52910466d3bd7b706550f76af98eeb94b7092368df86e6e0c914eff2756
486eefc942fbbbc261ab792d1ad5d0a5d75214148ad601245b3e40c1d18056f7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5031c96da1493f299e17a2b8ae0ee2bec99ceac01036a14748e602ec669d903b
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
519f4557b31789e9d9a8891d01b2c00d7a4b029b58aa31e464dfbb7e9000ebed
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58cdf374bc131964b32b809c22ab1a3ef67603adc79b77ec994da92964267d33
596723006f79d2f6b92d260593594771b3f2bdda67605e11b9f804bc3fa68e76
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cc5214bca5857486b3af42c35393429875eb0c7e88f0b2ca62dd1fadf5f01dd
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b12db406576f6b3434858ec7e3c313e22dbd51217941d8e07da64433ff78728
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
7869e738c989ba6a596def04580a125181c2ac1c0c7048a600cb3461f2ee9b24
79034275d34268aa80c8004b2a8f7638d3755a6a1ca690f24a590d462af4ae21
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7ca99dd3f1a39266f0c6e3c21c626baae598dc32adb05529152c42493f2f3adb
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
84b605eda61716151760cfe745f251319b4466c4931df4cd8e4e6b04e8583da3
8a2875dfcf82a06a69899d774bba9f7303ce5caf91767703cf8d9cca7a695948
8afe4aa2b118972a42265fb5f142d3de524e9ca057c290b89ccd11c69d1417ae
8c851aa30c092c6e5c219edede0d8c8eb6b9a738c5055987a0081302bd8a41f0
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
96d46104395cae81aa3fba89c3d98a83661c2720210e6180e5e59edac39b151d
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1478f32148ae7e7c5ead563a2d2b4576728e3e34ac0093bdf142723611a6f5b
a6c7a302569d54495823de9410cb5262a1d989fcd3478114213fdbd46ced17b6
a9983798b1537051290e6d9e94dfce801a5ff67f8d2fb5e88c9da6d8753d89d7
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac4a4d48faf1670dd95aac541fd22c6728ab6528d9fbacfdbd2e58ab5cbc83c8
acc48ffb07316007622f24af9f0bb81ad3cfcabe3531e3bcc7bbc6a6ce9c8096
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa9ae8eec6cb530d00256d71c700f9f0d72d298bd50f3af7f4450aa9aed2c98
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b9791dee785d0a53b0ebe862e242f1439c051196af0dbe1b165011507d0c717b
baab9af0b867370dbcec9d946f9488da7ee4c5e256d0c7ee89ccc2bba731066c
bcf501df83d95d638a38936a42e0ff4db844bac5ef307e41d16ccc23a56d43c6
c00d6a20e82456c029bfb39e97da8b5857d9d70d1dab2d89ebea1d5c7f0afd08
c0d2622f2ba7aa4bd0c7459cd76fa0f86b0e8d1fc0c6510ab5a0b973b8811f27
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c5c83b5b2ae1d82b7f42d8ab691fce886653a4cb7347a5ce227da2cacc01ad6d
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
ce87d49c5ebcfd5021d28b24ef1aff53b39586ffcfc19e90a4e5df37c990484d
d14be7cf095f2fef445955016fc12808fa8ea951d16c2190dedadfbaf607f11c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df54bfc704486987eba99ff78e495b38c53d2810893d97486e09d0774736969c
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e0aac8c089d16d95d70093cae3086b56dda9c9acbadbb8e178982b72c58f73a3
e285fb9a50489553843f1ce98632c2218c239317f42b3db42ce4627e2c2c2750
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45c5b1b721d1bdd6bda31ae9cb3ea8d9ea50b724d033ddb20dd18a822c98284
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
ec5c4d05328aab9ff726e6d8f8c6b5f2d7230b60ffd5408f7215cfe9188a7f6b
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef85316228df4e8d1554c98fbe6802f66c9db1882d6c5ff456206dbe2f4b8b58
efb1ad68e78e61552f46a04c90a2eed8cc18f2683d03143590105642c988ac88
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69e4d9cc1af1097299a101658f148802312d8729e62e692c3a4e6972d1d4ac0
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.belogo.ch Open in urlscan Pro 213.239.197.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

88 %HTTPS

51 %IPv6

30 Domains

37 Subdomains

24 IPs

7 Countries

2410 kBTransfer

5325 kBSize

39 Cookies

2 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.belogo.ch Open in urlscan Pro
213.239.197.61 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

88 %
HTTPS

51 %
IPv6

30
Domains

37
Subdomains

24
IPs

7
Countries

2410 kB
Transfer

5325 kB
Size

39
Cookies

184 HTTP transactions
13 data transactions