Submitted URL: http://www.ghi.ch/
Effective URL: https://ghi.ch/
Submission: On January 17 via api from US — Scanned from CH

Summary

This website contacted 38 IPs in 6 countries across 29 domains to perform 175 HTTP transactions. The main IP is 91.121.209.86, located in France and belongs to OVH, FR. The main domain is ghi.ch.
TLS certificate: Issued by Gandi RSA Domain Validation Secure Se... on October 9th 2023. Valid for: a year.
This is the only time ghi.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 76 91.121.209.86 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
7 2606:4700:20:... 13335 (CLOUDFLAR...)
2 34.249.120.35 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
3 162.55.246.61 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
4 185.89.210.122 29990 (ASN-APPNEX)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
10 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
1 151.101.129.108 54113 (FASTLY)
2 172.64.151.101 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 108.138.36.28 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.170.29.7 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 162.19.138.117 16276 (OVH)
1 3 2a02:2638:3::c 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 35.244.159.8 396982 (GOOGLE-CL...)
2 2 37.157.6.243 198622 (ADFORM)
1 2 67.220.228.201 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
1 2 172.217.16.194 15169 (GOOGLE)
175 38
Apex Domain
Subdomains
Transfer
76 ghi.ch
www.ghi.ch
ghi.ch
1 MB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
417 KB
16 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
1687ca191c1e83f1cf89e47f5922b8ed.safeframe.googlesyndication.com
f67b524e3b8b8f1cf1d31904365a46d8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
83 KB
10 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
3 KB
7 adnz.co
adnz.co — Cisco Umbrella Rank: 64298
api.adnz.co — Cisco Umbrella Rank: 68567
85 KB
6 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
p.typekit.net — Cisco Umbrella Rank: 566
120 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1736
google-bidout-d.openx.net — Cisco Umbrella Rank: 1735
eu-u.openx.net — Cisco Umbrella Rank: 2043
us-u.openx.net — Cisco Umbrella Rank: 524
2 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
acdn.adnxs.com — Cisco Umbrella Rank: 598
41 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
180 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2029
21 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
7 KB
3 servedbyadbutler.com
servedbyadbutler.com — Cisco Umbrella Rank: 13191
14 KB
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 801
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
130 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1005
bcp.crwdcntrl.net — Cisco Umbrella Rank: 898
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 857
id5-sync.com — Cisco Umbrella Rank: 425
29 KB
2 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 2791
981 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
136 KB
2 sysnetgs.com
assurance.sysnetgs.com — Cisco Umbrella Rank: 194075
11 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
149 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1833
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948
3 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
1 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
175 29
Domain Requested by
75 www.ghi.ch 1 redirects ghi.ch
www.ghi.ch
14 securepubads.g.doubleclick.net adnz.co
securepubads.g.doubleclick.net
ghi.ch
www.googletagservices.com
10 www.facebook.com connect.facebook.net
ghi.ch
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 api.adnz.co adnz.co
5 use.typekit.net ghi.ch
4 ib.adnxs.com adnz.co
acdn.adnxs.com
4 connect.facebook.net ghi.ch
connect.facebook.net
3 servedbyadbutler.com ghi.ch
servedbyadbutler.com
3 www.google-analytics.com ghi.ch
www.google-analytics.com
2 cm.g.doubleclick.net 1 redirects google-bidout-d.openx.net
2 aax-eu.amazon-adsystem.com 1 redirects google-bidout-d.openx.net
2 c1.adform.net 2 redirects
2 www.googletagservices.com securepubads.g.doubleclick.net
2 www.google.com tpc.googlesyndication.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects
2 as-sec.casalemedia.com adnz.co
2 www.googletagmanager.com ghi.ch
www.google-analytics.com
2 assurance.sysnetgs.com ghi.ch
2 adnz.co ghi.ch
adnz.co
1 us-u.openx.net google-bidout-d.openx.net
1 match.adsrvr.org google-bidout-d.openx.net
1 eu-u.openx.net google-bidout-d.openx.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 mug.criteo.com
1 f67b524e3b8b8f1cf1d31904365a46d8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 1687ca191c1e83f1cf89e47f5922b8ed.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 acdn.adnxs.com adnz.co
1 region1.google-analytics.com www.googletagmanager.com
1 p.typekit.net ghi.ch
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ghi.ch
1 ghi.ch
175 45
Subject Issuer Validity Valid
*.ghi.ch
Gandi RSA Domain Validation Secure Server CA 3
2023-10-09 -
2024-09-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-09-21 -
2024-10-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-04 -
2024-05-03
a year crt.sh
*.sysnetgs.com
Viking Cloud Organization Validation CA, Level 1
2023-09-28 -
2024-09-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-26 -
2024-01-24
3 months crt.sh
servedbyadbutler.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-16 -
2025-01-18
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3
2023-05-21 -
2024-05-20
a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4
2023-12-23 -
2024-03-22
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2023-10-08 -
2024-11-05
a year crt.sh
cdn.prod.uidapi.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
oa.openxcdn.net
GTS CA 1D4
2023-11-24 -
2024-02-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-15 -
2024-03-10
3 months crt.sh
*.id5-sync.com
R3
2024-01-01 -
2024-03-31
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1
2023-08-18 -
2024-08-18
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh

This page contains 22 frames:

Primary Page: https://ghi.ch/
Frame ID: C46B6DA18E19EEB7C66E235EDA3C763D
Requests: 113 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 340DC7A24DCA26AA034FCB910880BADB
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 67C53CD212AF40D7619FE51B2FBF0378
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3930e1046db9d%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=440&href=https%3A%2F%2Fghi.ch%2Flaeroport-de-geneve-va-mieux&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: 6410EF7126E3AB8E8A850160841AD58B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17432caf572cb4%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fquoi-de-neuf-dans-le-ghi-de-cette-semaine&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: 4E8FB9B175293EF8F4F815F46C5EC8BC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26020383be11e4%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fune-exposition-raconte-le-celebre-immeuble-la-clarte&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: FD0E09857FD7C66DF85B2ED294975974
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ae5c43420f3d8%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fdiabete-une-recherche-genevoise-met-en-evidence-le-role-des-graisses&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: 1A9EA5EE02A976A6DCAA6F94F1D89F66
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c2b8dc9b4edf%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fselon-les-astres-2024-sera-une-annus-horribilis&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: F3F5C8593E21C8BC30344F1A46456DD3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2943ae0cfe5d18%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fislande-terre-devasion-authentique&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: 4E30145C97DAC15542EDF8E81B382505
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e6e16dfad78c%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fle-boulevard-du-pont-darve-temporairement-rebaptise-rue-polluee&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: BABFB55AB382BC4A1221DF0EE9DF93CF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3314021c0f8cc8%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fsortie-cinema-mean-girls-un-remake-reussi-de-lolita-malgre-moi&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: 867185BD60CA73B8713007C3ED9269E9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df263543ee963e8%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fla-ville-de-geneve-active-son-plan-grand-froid&layout=button_count&locale=fr_FR&sdk=joey
Frame ID: 6A1EB7A18E1A26F8BD1E6658DEB3E0D4
Requests: 1 HTTP requests in this frame

Frame: https://1687ca191c1e83f1cf89e47f5922b8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 183090FA81059538EFCAC69ED03A47C5
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ghi.ch
Frame ID: FBE007F970D9D278F30FB9F60BCCEED0
Requests: 2 HTTP requests in this frame

Frame: https://f67b524e3b8b8f1cf1d31904365a46d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7B9CB5C52C2F71D893B421CAA773E634
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E0B29E036C162510840932E6F8DD1CF1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A1D854307244A3C43780C983E0F3EFEA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A615725E4D3CD6DE2A28C8DFB67F558
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BF450ED96D8D58FFD810453880C25F4A
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN_RyELiHJcn5alE3r9BmYH_09QPPdWXZ-BluR6JZQ6QmeBobw3YBpnP_0TKRR3dcsWP9GebFFWAUMySFt09VA9F7Xdo3wDYwoFeThxu_a7lIRSyrIVwJLyjHlDT7R3Ep8blRxXz5ff7NW8MkCGPw9tnqQR0MUKKQOxFHVt-7ML7x9hYsNZLO_QVrYAVRh_kFRmH9EKwAXrPjT0lk-Xlt8l7d63gr6YT2LHVLWtZCzIL6el_u-Fl0HqkE4WXt-v6pQNW8DJc94e92YaWzYSVjTRWZ1FWKZwXwWbW_aV_3SYU7Ff2thb_RqOguRlDtXBn_DrkgiowCDxffY2z1tUozZUFC8W6uR4ntDwInmzQzr4TiysvOac7bFnMy0R58C12Y&sai=AMfl-YQWgIQ8lWHNDryzDG29914bgZrpUqmNR4UKyqzP1OGWUtpyY1RxvrvhoMnkDAa5v0wNul-F4VBB00xi1t_5zVrPQTkWZ6Ibnc3h13P7QA4bNGanVBqMt2skj7uIuFds4UHeH8TeCZaNrXS_Iry221KVjj1KhI3gzEdC8_1YOcu2Nzsy&sig=Cg0ArKJSzMegNY7zq9DvEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6A9A4AA11F627D2FBD3E9A9BE73C1EC4
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7A546D62CC88A78B111264B6B5DC1045
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw-d66EY1iglFSLVv8VPsNsYEQfA1cE58wjunNVp2g51akM0N21JrW4MblzdEoPNKJzJuA3WnvE0EYiRE4n5BLqREKlENCYt0Iflf0Zv7CnMUKDQoTZpYv0GET65ZwmpPwJ9lf53EYyseRxFeZe3DWSrAS11_sGi33nIjorkK0jUti511qr1lVbviimLR6ubFnbu_H46BSnOwxzoECPnX5-cFFPmD1yj7SgtflBXuXlHRH8Q5ugqt-bU9vU9Af5A99jGecUW3NXtVoRHHMhqfdgCTnKYY3cwTpgD_x3TPaKrVDJkShzdDJ03DMlPOnjjx-1cwPN9jbwlp5YCvyQJKm858YCo-IAt7ye32Qwk2YvzGNHt4mfo_wP6nUUf7413g&sai=AMfl-YTDSRiMu1A0aJKDr-uTsJeya6GuhWrp5-88t85IaRqU0T2Rbt_fYmvMpwQWjt2IOLR0YumFmb5zm10eI24yyCq7wL3bv8AeurKAA5Sw0fbo5Ri1ox1reWWIBAnKKWaMkpcieE-B3kzagHuGME7sPFcBXB5yKrXybnsw86TT2vOG5EdqMiHFO07NzeFjRpheEVjNcrSCO2HM-zQsISDbeXExx7qgOj5mC-ubSASlfFajcA&sig=Cg0ArKJSzF2CwYKmNNo3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0CA68F643993E6ABD9806B9E7DC92CF6
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

GHI - Le Journal indépendant des Genevois

Page URL History Show full URLs

  1. http://www.ghi.ch/ HTTP 301
    https://ghi.ch/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

175
Requests

97 %
HTTPS

56 %
IPv6

29
Domains

45
Subdomains

38
IPs

6
Countries

2614 kB
Transfer

5216 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ghi.ch/ HTTP 301
    https://ghi.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 140
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fghi.ch%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fghi.ch%2F&rid=esp&cc=1
Request Chain 148
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ghi.ch&sn=ChromeSyncframe&so=0&topUrl=ghi.ch&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-a-nY3xUejg5Qkt1LzU5cVdVVjNxemtWdXJ3dmpTcnBZVlg2QW9vejFSenV4bitOQUtNQWJGSHhOd2VPbEpEd3J0OWlMekFMb21JRGM5a3ZvODhKanY1VUJjSXVaaEM3bSsyNjhpZ3ArN0lxYm5aeU1HeW9PYnNVWGduL2k2S3JLQVBzdzAzT1QraHM0RlV2QlMxcUV4SGllRTdzWkZYU1o1Qy8yUkYwQVpiRnBkU0FzUkVEVGtZQUVZZEt3VTczc21MT2IzZFZSZG5vYXhxc3JtSDFFVFBRRUx6TTBSMFBoM0NKUjdvTklpeEVJU3VRcTgyRHdWMktObjdQUUF1VW9iVEY2eW1DN2RaZm9pcExOV0hUdmRLYVJRQT09fA&cppv=2
Request Chain 162
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5509776753783892683
Request Chain 163
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=7f8e14c6-07e7-ca09-06c6-af293839dded HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=7f8e14c6-07e7-ca09-06c6-af293839dded&dcc=t
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJgFxBGN0r7ijZRXFLdpy_Q&google_cver=1

175 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ghi.ch/
Redirect Chain
  • http://www.ghi.ch/
  • https://ghi.ch/
65 KB
16 KB
Document
General
Full URL
https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
c6284bf2c769b4c6045f6dca96981b144012f1203cb56f15652212bc101f7c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
public, max-age=600
Connection
keep-alive
Content-Encoding
gzip
Content-Language
fr
Content-Type
text/html; charset=utf-8
Date
Wed, 17 Jan 2024 14:32:40 GMT
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified
Wed, 17 Jan 2024 13:52:28 GMT
Server
nginx/1.6.2
Transfer-Encoding
chunked
Vary
Cookie
X-Content-Type-Options
nosniff
X-Drupal-Cache
HIT
X-Frame-Options
SAMEORIGIN
X-Generator
Drupal 7 (http://drupal.org)

Redirect headers

Connection
keep-alive
Content-Length
184
Content-Type
text/html
Date
Wed, 17 Jan 2024 14:32:40 GMT
Location
https://ghi.ch/
Server
nginx/1.6.2
css
fonts.googleapis.com/
27 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,400italic,600italic
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8084d84c1e675edb5f7bc65fbe327170d9eecc3613c2d050b4393d28997c96d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 14:32:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 14:32:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 14:32:40 GMT
system.base.css
www.ghi.ch/modules/system/
5 KB
6 KB
Stylesheet
General
Full URL
https://www.ghi.ch/modules/system/system.base.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-1534"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5428
system.menus.css
www.ghi.ch/modules/system/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.ghi.ch/modules/system/system.menus.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
8ddd16e82813d3b21156531806bf2621098f1315544b9dd93386b42fea3b6633

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-7f3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2035
system.messages.css
www.ghi.ch/modules/system/
961 B
1 KB
Stylesheet
General
Full URL
https://www.ghi.ch/modules/system/system.messages.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
d0bbad771a8a5ac5f9446791109693aeca1d676d44ced48f8514857f7d3e6fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-3c1"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
961
system.theme.css
www.ghi.ch/modules/system/
4 KB
4 KB
Stylesheet
General
Full URL
https://www.ghi.ch/modules/system/system.theme.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
ff7750952a601dbf03688b01a2eced6e5671a8335393eb063201bb732f12c99a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-e7f"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3711
jquery.ui.core.min.css
www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/
924 B
1 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/jquery.ui.core.min.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
1678656eeb28b4de4c6fe8871c02409cd217b80866423db5ad0e62fcd476f726

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Tue, 24 Jan 2023 16:58:55 GMT
Server
nginx/1.6.2
ETag
"63d00e4f-39c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
924
jquery.ui.theme.min.css
www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/
13 KB
14 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/jquery.ui.theme.min.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
76d342e20f16102f7367c4ce450586db941f46aa592039665114cf7ff126462b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Tue, 24 Jan 2023 16:58:55 GMT
Server
nginx/1.6.2
ETag
"63d00e4f-3556"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13654
jquery.ui.button.min.css
www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/jquery.ui.button.min.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
394baa0408a9242689e213c42dedf42bb30bb5fb1c63a709ddecfa61681bc1a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Tue, 24 Jan 2023 16:58:55 GMT
Server
nginx/1.6.2
ETag
"63d00e4f-753"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1875
jquery.ui.resizable.min.css
www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/
924 B
1 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/jquery.ui.resizable.min.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
cb65ce4427f4f564807d7a0deae2621fae5ecc031e72046f0bb31a75ce29f0c4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Tue, 24 Jan 2023 16:58:55 GMT
Server
nginx/1.6.2
ETag
"63d00e4f-39c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
924
jquery.ui.dialog.min.css
www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/jquery.ui.dialog.min.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
7a8226577f50ef4007d27f0b540ea28845a0b21e3c61f58fc057431103cb1e7b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Tue, 24 Jan 2023 16:58:55 GMT
Server
nginx/1.6.2
ETag
"63d00e4f-416"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1046
field.css
www.ghi.ch/modules/field/theme/
550 B
786 B
Stylesheet
General
Full URL
https://www.ghi.ch/modules/field/theme/field.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
e3ad317a103b4271c6d00cb97957c0d8e0f5bfd6cdc74976d022dd526963ecdf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-226"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
550
node.css
www.ghi.ch/modules/node/
144 B
379 B
Stylesheet
General
Full URL
https://www.ghi.ch/modules/node/node.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
4569fbfef2a73b2369d1e070a2ce3511f5a8c6a22a7cd6d61baf4982e75a21ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-90"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
144
poll.css
www.ghi.ch/modules/poll/
809 B
1 KB
Stylesheet
General
Full URL
https://www.ghi.ch/modules/poll/poll.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
339f934d19697dada0e0fbc9c0fcbec7d4b25aee42520fa15cb27334e8cc617b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-329"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
809
search.css
www.ghi.ch/modules/search/
564 B
800 B
Stylesheet
General
Full URL
https://www.ghi.ch/modules/search/search.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
50f8d8e45f6742713a156c9fcf1b20d7c8c2dbddc7c649b76ee377775c6c4b83

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-234"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
564
user.css
www.ghi.ch/modules/user/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.ghi.ch/modules/user/user.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 29 May 2023 11:23:03 GMT
Server
nginx/1.6.2
ETag
"64748b17-723"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1827
views.css
www.ghi.ch/sites/all/modules/contrib/views/css/
707 B
943 B
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/views/css/views.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 31 Jan 2022 14:10:12 GMT
Server
nginx/1.6.2
ETag
"61f7edc4-2c3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
707
media_wysiwyg.base.css
www.ghi.ch/sites/all/modules/contrib/media/modules/media_wysiwyg/css/
369 B
605 B
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/media/modules/media_wysiwyg/css/media_wysiwyg.base.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
c0e36784dc21a29c3964c9241c2bc7f435038deee5a803342f29d3a0ba2ceb22

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Fri, 23 Apr 2021 17:48:41 GMT
Server
nginx/1.6.2
ETag
"60830879-171"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
369
ghi_import.css
www.ghi.ch/sites/all/modules/custom/ghi_import/css/
873 B
1 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/custom/ghi_import/css/ghi_import.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
ff4ad943a6680fb59c04013fd85d14fb637d6bef3d879d523e63d145f2a2f3e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Tue, 04 May 2021 14:59:05 GMT
Server
nginx/1.6.2
ETag
"60916139-369"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
873
ctools.css
www.ghi.ch/sites/all/modules/contrib/ctools/css/
509 B
745 B
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/ctools/css/ctools.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
c1247c6c6e2fa2a3b02f04886deac34f46ccef66483b1c64c1347e6b95e158b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 31 Jan 2022 14:03:08 GMT
Server
nginx/1.6.2
ETag
"61f7ec1c-1fd"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
509
lightbox.css
www.ghi.ch/sites/all/modules/contrib/lightbox2/css/
5 KB
5 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/lightbox2/css/lightbox.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
33e2a62c99a431e9f60260cf7105756785b5b06083c06d233a5d2598317511ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 15 Oct 2018 08:01:27 GMT
Server
nginx/1.6.2
ETag
"5bc44957-137e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4990
panels.css
www.ghi.ch/sites/all/modules/contrib/panels/css/
786 B
1022 B
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/panels/css/panels.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
b5e4bc2762d8432240f7e1d798f9cb4820968b53c1f01c9304b831af3966107a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Sun, 29 Nov 2020 12:24:50 GMT
Server
nginx/1.6.2
ETag
"5fc39312-312"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
786
home.css
www.ghi.ch/sites/all/themes/ghiv2/templates/layouts/home/
286 B
522 B
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/templates/layouts/home/home.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
91a5d0442ecfd90d4bc9fe541bf0813995829d4d4f59163c1470ff2ee1d32f15

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-11e"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
286
default.css
www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/default.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
3b5fd7fd21093ef27c4f6402dcd42fa0046069e024d62187b2d7f4c148ee3640

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 18 Sep 2019 07:50:32 GMT
Server
nginx/1.6.2
ETag
"5d81e1c8-83f"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2111
nivo-slider.css
www.ghi.ch/sites/all/libraries/nivo-slider/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/libraries/nivo-slider/nivo-slider.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
a330a0196da3072001cf3494d57e3ae7bd7ed26db7214a24e9f7488d2e7e9d54

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 18 Sep 2019 07:50:33 GMT
Server
nginx/1.6.2
ETag
"5d81e1c9-80a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2058
eu_cookie_compliance.css
www.ghi.ch/sites/all/modules/contrib/eu_cookie_compliance/css/
5 KB
6 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/eu_cookie_compliance/css/eu_cookie_compliance.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
dd324e8f6a01e7545f39f4764512b057acedc45bd971cdc65c907cc263d6be6d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Fri, 22 May 2020 22:16:20 GMT
Server
nginx/1.6.2
ETag
"5ec84f34-15c2"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5570
ghi_home_slider.css
www.ghi.ch/sites/all/modules/custom/ghi_home_slider/css/
176 B
411 B
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/modules/custom/ghi_home_slider/css/ghi_home_slider.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
d6c51134255beeda214a87ac5462e52255d671d03dffd1f6c4797180f6942272

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 18 Sep 2019 08:47:07 GMT
Server
nginx/1.6.2
ETag
"5d81ef0b-b0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
176
flexslider.css
www.ghi.ch/sites/all/themes/ghiv2/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/flexslider.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
09023baefad81ce5066da12f63dbfd860f1321097977c6994d7862905f18da76

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-1ab7"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6839
magnific-popup.css
www.ghi.ch/sites/all/themes/ghiv2/css/
8 KB
8 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/magnific-popup.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
0fbf945eae1c5869be401c6db68da93f5a47f2c1ff6072151ebb4b2dea6d4f62

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-1e66"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7782
reset.css
www.ghi.ch/sites/all/themes/ghiv2/css/
2 KB
2 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/reset.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
7d20fc162ac2fb33a5f91325893b45f260c3ac588d3fb5ccf42a949c5f320edd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-84d"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2125
grid.css
www.ghi.ch/sites/all/themes/ghiv2/css/
3 KB
4 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/grid.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
9e4915c654721b754d41a97e4bee4d4a6f8d48500d5315d02d1fcd38636fb5b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-d13"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3347
typography.css
www.ghi.ch/sites/all/themes/ghiv2/css/
5 KB
5 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/typography.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
c31d2698b5c3a99e3004ec0150694f66b3d53678196460470cf9847392c24279

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-12bd"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4797
forms.css
www.ghi.ch/sites/all/themes/ghiv2/css/
9 KB
10 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/forms.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
d053cdf2a5204cdbd01e8dc6309081a8fad935e118b93eb01c23e6c3d7bf48c0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 23 Sep 2020 15:28:25 GMT
Server
nginx/1.6.2
ETag
"5f6b6999-254c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9548
tables.css
www.ghi.ch/sites/all/themes/ghiv2/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/tables.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
76ec38221487ff694180849e0b3fe2e65dec5d505fd3dece327124be02623721

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-44c"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1100
base.css
www.ghi.ch/sites/all/themes/ghiv2/css/
8 KB
9 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/base.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
8cad71c04fb9bf2a6cc8ee8def3302786cd78704612a3cf00e80e5709140c2f3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-21e8"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8680
style.css
www.ghi.ch/sites/all/themes/ghiv2/css/
78 KB
78 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
886f7397f40821af498a54b547073fe1eb57dbf5659b78732334562b007c3a17

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 23 Jan 2023 10:41:18 GMT
Server
nginx/1.6.2
ETag
"63ce644e-13661"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79457
mediaqueries.css
www.ghi.ch/sites/all/themes/ghiv2/css/
37 KB
37 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/mediaqueries.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
4d9e0a73981a1024a63cd93dd2fa0800cb3ff4bcad46f17aedb430835798e0c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 18 Sep 2019 08:54:47 GMT
Server
nginx/1.6.2
ETag
"5d81f0d7-92d9"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37593
custom.css
www.ghi.ch/sites/all/themes/ghiv2/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/css/custom.css?s7btjk
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
9aaa5284f6d60be96a81a6e61e02c66950a82c5f9536cd0bb40d13ce2913adb9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 03 May 2021 08:46:10 GMT
Server
nginx/1.6.2
ETag
"608fb852-4bb"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1211
js_Pt6OpwTd6jcHLRIjrE-eSPLWMxWDkcyYrPTIrXDSON0.js
www.ghi.ch/sites/default/files/js/
134 KB
134 KB
Script
General
Full URL
https://www.ghi.ch/sites/default/files/js/js_Pt6OpwTd6jcHLRIjrE-eSPLWMxWDkcyYrPTIrXDSON0.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
3ede8ea704ddea37072d1223ac4f9e48f2d633158391cc98acf4c8ad70d238dd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 15 Jan 2024 23:35:33 GMT
Server
nginx/1.6.2
ETag
"65a5c145-217e2"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
137186
js_tidcMmezGlDRi5Mw2JKi7Qp6N4f9y1OTFq0-pue1QnQ.js
www.ghi.ch/sites/default/files/js/
76 KB
76 KB
Script
General
Full URL
https://www.ghi.ch/sites/default/files/js/js_tidcMmezGlDRi5Mw2JKi7Qp6N4f9y1OTFq0-pue1QnQ.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
b6275c3267b31a50d18b9330d892a2ed0a7a3787fdcb539316ad3ea6e7b54274

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 15 Jan 2024 23:35:36 GMT
Server
nginx/1.6.2
ETag
"65a5c148-12ff9"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77817
js_hYA00clbtijo5oCc75oBvEPomglpjtHaTeBk7xNnxNM.js
www.ghi.ch/sites/default/files/js/
69 KB
69 KB
Script
General
Full URL
https://www.ghi.ch/sites/default/files/js/js_hYA00clbtijo5oCc75oBvEPomglpjtHaTeBk7xNnxNM.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
858034d1c95bb628e8e6809cef9a01bc43e89a09698ed1da4de064ef1367c4d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 15 Jan 2024 23:35:33 GMT
Server
nginx/1.6.2
ETag
"65a5c145-1147e"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
70782
js_f-RSYpwL1T8rGxDkiPbht6tajMcvK8VBbR0YcLcNC98.js
www.ghi.ch/sites/default/files/js/
93 KB
93 KB
Script
General
Full URL
https://www.ghi.ch/sites/default/files/js/js_f-RSYpwL1T8rGxDkiPbht6tajMcvK8VBbR0YcLcNC98.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
7fe452629c0bd53f2b1b10e488f6e1b7ab5a8cc72f2bc5416d1d1870b70d0bdf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 15 Jan 2024 23:35:33 GMT
Server
nginx/1.6.2
ETag
"65a5c145-17487"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95367
lol7zte.js
use.typekit.net/
17 KB
7 KB
Script
General
Full URL
https://use.typekit.net/lol7zte.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
25daaeb302754f2256eeead18f42f193b4f0c5c528df1dc15343455623d679cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Wed, 17 Jan 2024 14:32:40 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6732
header.js
adnz.co/
287 KB
71 KB
Script
General
Full URL
https://adnz.co/header.js?adTagId=103
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d090d082958a429452d9aa27258bb25691fcdbad4a11ef3e1995852b2f1308d7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:40 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2434
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 17 Jan 2024 13:52:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYgUUZTaspOwI9LiOVRsxzAd4i8VknlPk3eKKhDC1sKvn70l5Bhsg%2Bq1yCX9WvaChcynsFIAY%2BgNwsO%2Fho%2FckRxR8JUzf0S7aarZNpiHbsItcQhmeUeS2XxUeSxOWgPq9EzsxgM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
846f4f17ec666abb-FRA
access-control-allow-headers
origin, content-type, accept
expires
Wed, 17 Jan 2024 14:52:40 GMT
aeroport_international_de_geneve.jpg
www.ghi.ch/sites/default/files/styles/580x400/public/field/image/
26 KB
27 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/580x400/public/field/image/aeroport_international_de_geneve.jpg?itok=czWhE8Xx
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
92bcdb21375035a7d41e2f6cee63e006a7812e081dd3b0fb57e08bcd34fc3701

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 17 Jan 2024 13:41:59 GMT
Server
nginx/1.6.2
ETag
"65a7d927-6929"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26921
166_135_001_noel_fourrures_.jpg
www.ghi.ch/sites/default/files/styles/home_slider/public/banner/
56 KB
56 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/home_slider/public/banner/166_135_001_noel_fourrures_.jpg?itok=wieZaLmp
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
8322042658bf77ec432d225602ae1535f86dcad13dd4473fdb1ce7484fa2f0e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 17 Jan 2024 10:57:40 GMT
Server
nginx/1.6.2
ETag
"65a7b2a4-df97"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57239
belatec_165_794_701.jpg
www.ghi.ch/sites/default/files/styles/home_slider/public/banner/
51 KB
51 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/home_slider/public/banner/belatec_165_794_701.jpg?itok=PH5iMjuP
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
c5a330a10fc5f3d8c3414b95cdc903691093b627952d11feaeef6107a5b81e97

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 17 Jan 2024 10:58:51 GMT
Server
nginx/1.6.2
ETag
"65a7b2eb-cc85"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52357
ghi_18_janvier_une_homepage.jpg
www.ghi.ch/sites/default/files/styles/580x400/public/field/image/
24 KB
24 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/580x400/public/field/image/ghi_18_janvier_une_homepage.jpg?itok=ztY-BcR2
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
e81cd2d7afd5b7203070e0ebbf44409d9a15ae6836c1978342393c4f40976f41

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 17 Jan 2024 07:47:58 GMT
Server
nginx/1.6.2
ETag
"65a7862e-6069"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24681
6_studioclarte_1933_frankhenrijullien.jpg
www.ghi.ch/sites/default/files/styles/280x380/public/field/image/
11 KB
11 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/280x380/public/field/image/6_studioclarte_1933_frankhenrijullien.jpg?itok=Z2Z5Dtlp
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
90bacba0e518c2f9319451870f058b13368cf0c87735c68b49fd7008c557115e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 17 Jan 2024 13:53:43 GMT
Server
nginx/1.6.2
ETag
"65a7dbe7-2c69"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11369
webcam-ghi.jpg
www.ghi.ch/sites/default/files/styles/home_promo/public/ghi_promotion/
32 KB
32 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/home_promo/public/ghi_promotion/webcam-ghi.jpg?itok=B83wA52f
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
291a4f32aa469e8104b35c8c647d657818aeff7a9a8a87415424fefd4a41a572

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Thu, 22 Nov 2018 11:05:11 GMT
Server
nginx/1.6.2
ETag
"5bf68d67-7f59"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32601
111787161_m.jpg
www.ghi.ch/sites/default/files/styles/580x400/public/field/image/
18 KB
19 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/580x400/public/field/image/111787161_m.jpg?itok=6pKqlf9F
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
4e53e28f009925ddfa7fe40285ac597802ddd5269c52426caf7c0be408607828

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 15 Jan 2024 09:31:10 GMT
Server
nginx/1.6.2
ETag
"65a4fb5e-4924"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18724
astrologie.jpg
www.ghi.ch/sites/default/files/styles/280x320/public/field/image/
13 KB
13 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/280x320/public/field/image/astrologie.jpg?itok=-GkCPQAS
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
6330835276e72d5add75c5d9a3aa2b16001db3ed131b6467e6cd78f494b09014

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 17 Jan 2024 13:53:57 GMT
Server
nginx/1.6.2
ETag
"65a7dbf5-332e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13102
207346888_m.jpg
www.ghi.ch/sites/default/files/styles/280x320/public/field/image/
13 KB
13 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/280x320/public/field/image/207346888_m.jpg?itok=kW4JLh2t
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
24b442ded566ca7a7bab409b74539c76202ea3f3b6275e32c5194000f3343295

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 17 Jan 2024 07:50:55 GMT
Server
nginx/1.6.2
ETag
"65a786df-34d6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13526
pont_arve.png
www.ghi.ch/sites/default/files/styles/280x320/public/field/image/
123 KB
123 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/280x320/public/field/image/pont_arve.png?itok=9z2SIWkG
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
6d1d957885117bb5f06fe109fe7f53bb133d7dd1da11f269abee93454851fa65

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Tue, 16 Jan 2024 07:55:45 GMT
Server
nginx/1.6.2
ETag
"65a63681-1ec58"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
126040
mean_girls.jpg
www.ghi.ch/sites/default/files/styles/580x400/public/field/image/
39 KB
39 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/580x400/public/field/image/mean_girls.jpg?itok=d6Ke5y1F
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
1455d53f963919370020975715ff94068b6abe869d0d6ed825a48b44eb5f05af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Thu, 11 Jan 2024 08:31:34 GMT
Server
nginx/1.6.2
ETag
"659fa766-9cc1"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
40129
grand_froid.jpg
www.ghi.ch/sites/default/files/styles/380x400/public/field/image/
26 KB
26 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x400/public/field/image/grand_froid.jpg?itok=QytTWAGx
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
1d216f09e417aefb029c3448e2b9534289aed1c637e0a1208de4f5608bfa4cf8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 17 Jan 2024 13:54:25 GMT
Server
nginx/1.6.2
ETag
"65a7dc11-66a9"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26281
defourny.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/field/image/
16 KB
16 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/field/image/defourny.jpg?itok=ik9-rd_y
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
71c2cf828ac0f08e469cfb0487d2aafb074344751d5c68e9a13a6c9633fc2497

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Sat, 06 Jan 2024 08:51:32 GMT
Server
nginx/1.6.2
ETag
"65991494-4041"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16449
199655251_m.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/field/image/
11 KB
11 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/field/image/199655251_m.jpg?itok=HwEY35XN
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
d425c863b8715ebc6509486a887e085e2d5d28cdc1350bcf1bc51d99ae38018d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Fri, 29 Dec 2023 14:05:29 GMT
Server
nginx/1.6.2
ETag
"658ed229-2c77"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11383
dessert.jpg
www.ghi.ch/sites/default/files/styles/80x80/public/field/image/
3 KB
3 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/80x80/public/field/image/dessert.jpg?itok=rOdvMcan
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
10844b78f37ef29cbb742e47ba1a9cd1ac01eaa5c68602037ddcd47a983c9913

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 18 Dec 2023 13:37:27 GMT
Server
nginx/1.6.2
ETag
"65804b17-a67"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2663
CON_163529_194_A.jpg
www.ghi.ch/sites/default/files/styles/80x80/public/import/
2 KB
3 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/80x80/public/import/CON_163529_194_A.jpg?itok=Po5A4ulu
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
f5e4f5c4a112e0be7e187474a0d703470f957450247b6a61967fbf94827f37a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Thu, 29 Jun 2023 13:54:29 GMT
Server
nginx/1.6.2
ETag
"649d8d15-95e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2398
CON_162030_185_A.jpg
www.ghi.ch/sites/default/files/styles/80x80/public/import/
2 KB
3 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/80x80/public/import/CON_162030_185_A.jpg?itok=ksWK8OhC
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
204039322ad1e7ef2ae0112df71630a35a79dfcd7a669eb7894c29560efcff99

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Thu, 29 Jun 2023 13:44:07 GMT
Server
nginx/1.6.2
ETag
"649d8aa7-9da"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2522
CON_162036_185_A.jpg
www.ghi.ch/sites/default/files/styles/80x80/public/import/
3 KB
3 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/80x80/public/import/CON_162036_185_A.jpg?itok=ysEvfqIQ
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
8ffd7f6ac0c0a9afa102e21414bf9cc17304e56358baacf8a77ce4d958c57255

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Thu, 29 Jun 2023 13:44:07 GMT
Server
nginx/1.6.2
ETag
"649d8aa7-a0b"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2571
wonka.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/field/image/
17 KB
18 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/field/image/wonka.jpg?itok=vcPZdbdR
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
24858349e8fad7c0a3dedc96c4457f934fa85a9617f1457a4526d00c0aaa461a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Sat, 09 Dec 2023 14:35:32 GMT
Server
nginx/1.6.2
ETag
"65747b34-454e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17742
hugues_aufray.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/field/image/
10 KB
10 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/field/image/hugues_aufray.jpg?itok=KJev94Q3
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
f1c84bd06ad47d5424d25d0b93890d42714432521b6e8e2c39c1925122ac1548

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 30 Oct 2023 08:54:37 GMT
Server
nginx/1.6.2
ETag
"653f6f4d-2670"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9840
CON_167051_188_A.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/import/
10 KB
10 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/import/CON_167051_188_A.jpg?itok=fTGR9TFS
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
7755726252eeabb5e175c002b0c2eef6c1af95bc17bf9952b5baf4f6633c1918

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Sun, 16 Jul 2023 07:26:51 GMT
Server
nginx/1.6.2
ETag
"64b39bbb-28db"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10459
207346888_m.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/field/image/
17 KB
17 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/field/image/207346888_m.jpg?itok=4EcDvoX4
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
7aca017f0fc1edfa7bb3b80ce0c18522ac34167ab2ce9da8639b34c069e7aaa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Sat, 13 Jan 2024 09:46:28 GMT
Server
nginx/1.6.2
ETag
"65a25bf4-44b3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17587
111787161_m.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/field/image/
9 KB
9 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/field/image/111787161_m.jpg?itok=PFrvFywe
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
2669dfffb1406c4a03b86b865b38627429f48838a07b820d072bfd5392b5b1aa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 15 Jan 2024 09:44:49 GMT
Server
nginx/1.6.2
ETag
"65a4fe91-2481"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9345
190940045_m_normal_none.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/field/image/
12 KB
12 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/field/image/190940045_m_normal_none.jpg?itok=CKqf3ZeJ
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
fd1c89d715c21869f4779450edb4f981900ca3911a2ff1f648aa4b904b998d92

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Sat, 23 Sep 2023 16:09:26 GMT
Server
nginx/1.6.2
ETag
"650f0db6-2e11"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11793
moteur.jpg
www.ghi.ch/sites/default/files/styles/380x210/public/field/image/
17 KB
18 KB
Image
General
Full URL
https://www.ghi.ch/sites/default/files/styles/380x210/public/field/image/moteur.jpg?itok=sNEQRZEL
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
147830554777700472148284491a749daf6dc58e16b83791c928725f02791512

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 04 Dec 2023 14:03:39 GMT
Server
nginx/1.6.2
ETag
"656ddc3b-45a5"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17829
js_lftW2kcsGIBavVFjiwiKjGYxB9Ck-v-03eFVKrh4K9M.js
www.ghi.ch/sites/default/files/js/
32 KB
33 KB
Script
General
Full URL
https://www.ghi.ch/sites/default/files/js/js_lftW2kcsGIBavVFjiwiKjGYxB9Ck-v-03eFVKrh4K9M.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
95fb56da472c18805abd51638b088a8c663107d0a4faffb4dde1552ab8782bd3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Mon, 15 Jan 2024 23:35:33 GMT
Server
nginx/1.6.2
ETag
"65a5c145-81e0"
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33248
cardJs
assurance.sysnetgs.com/assurancecard/be8e7fbc4499573fd49c094e465c61e65d547c99fbb42277/
2 KB
3 KB
Script
General
Full URL
https://assurance.sysnetgs.com/assurancecard/be8e7fbc4499573fd49c094e465c61e65d547c99fbb42277/cardJs
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.249.120.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-120-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
41813ef6b1d68e34e85bf34894b729a360e48631ab464ba208a539ba2adab8a7
Security Headers
Name Value
Content-Security-Policy default-src 'self' sysnetgs.com 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com fonts.gstatic.com; script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self' sysnetgs.com 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com fonts.gstatic.com; script-src 'self';
x-download-options
noopen
x-dns-prefetch-control
off
content-type
text/plain;charset-UTF-8
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=()
content-length
2314
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 13:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2672
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 17 Jan 2024 15:48:09 GMT
publisher.js
adnz.co/dmp/
33 KB
13 KB
Script
General
Full URL
https://adnz.co/dmp/publisher.js
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31dde44c65a4b0b0b28e3d51615c8fb9ce1a629bc297c639f77e879f3d4c06d2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx000006f3e693d97e69ea0-00659d8cb5-12e0d63-default
age
850
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 09 Jan 2024 17:15:12 GMT
server
cloudflare
etag
W/"d0df5bf8cb76abeb6b0ea2e0a4326690"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MceR%2B1xbCH0aKvobfQ7%2FabVj08RUqCVPN0J5puANpgKhbbs9jroXXwdJnXWl5ROdC4v7%2B%2FqO3TVk2MXrtE4IBiRGRJjy1MaAe9Guql0Uf%2FnBnav07Qbgn%2F4qYNDSuupp9MbRxM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
846f4f1a0f596abb-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
country
api.adnz.co/api/ws-geodata/
2 B
748 B
Fetch
General
Full URL
https://api.adnz.co/api/ws-geodata/country
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab861dc170dc2e43224e45278d3d31a675b9ebc34c9b0f48c066ca1eeaed8ee6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept
application/text
Referer
https://ghi.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
0
ratelimit-limit
100
alt-svc
h3=":443"; ma=86400
content-length
2
x-xss-protection
0
pragma
no-cache
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/text;charset=UTF-8
access-control-allow-origin
https://ghi.ch
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rg7B%2B4YYG4SLd%2BCHUQOFuIzULqY7Q3K2Xh2GstF52V%2FZM5W9qTano0ILiuZbvpRuqbNkhOSkL9%2BTgNz%2BsuCNVKm3PJlwF7A%2Bx%2BXf5ImaQMoAIjkG%2BWyp5P4r9fZ%2BF7TpgD2m2KHLanPz"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cf-ray
846f4f1a4bfd9259-FRA
ratelimit-remaining
99
expires
0
gtm.js
www.googletagmanager.com/
142 KB
54 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NXTWTV
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d12c8b8ef52270ad607c04d22bd3a907758a84b96345bfc61100f2f55ae396d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55057
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 17 Jan 2024 14:32:41 GMT
sdk.js
connect.facebook.net/fr_FR/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/sdk.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1df72222c39d3d440a8e9b9ed8353eb114e2f9a554ff90a17ed894aa2340166a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 14:32:41 GMT
content-md5
cxIwiUiaHK2G5pOcQPxJTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
VYaIyn5i7t2b0t0pN3heBex3wAHAk0tbvra715Qxm+BWzzQPQmIJ0YuuiCADby4RA2Fd1gKELS1pIu3LqVtS5A==
x-fb-content-md5
60a7a3648e18e8d9be39a0846c751805
cross-origin-opener-policy
same-origin-allow-popups
etag
"f4f3df49a34e7b192f75192aa083bf75"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:42:08 GMT
app.js
servedbyadbutler.com/
67 KB
13 KB
Script
General
Full URL
https://servedbyadbutler.com/app.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.246.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.246.55.162.clients.your-server.de
Software
nginx /
Resource Hash
19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
gzip
last-modified
Mon, 06 Nov 2023 22:45:33 GMT
server
nginx
etag
W/"65496c8d-10da1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
expires
Wed, 17 Jan 2024 15:02:41 GMT
search-magnifier.svg
www.ghi.ch/sites/all/themes/ghiv2/img/layout/
978 B
1 KB
Image
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/img/layout/search-magnifier.svg
Requested by
Host: www.ghi.ch
URL: https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
123385cbae9135ded86a04c620ccf1ee6cd34e70ff5221f78adc5389fbb730d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-3d2"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
978
logo-ghi.svg
www.ghi.ch/sites/all/themes/ghiv2/img/layout/
2 KB
2 KB
Image
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/img/layout/logo-ghi.svg
Requested by
Host: www.ghi.ch
URL: https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
fd79df406cece3abeb2479955bbd5dfb35425402920236313c19eeb715710d39

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-6cd"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1741
loading.gif
www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/
2 KB
2 KB
Image
General
Full URL
https://www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/loading.gif
Requested by
Host: www.ghi.ch
URL: https://www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/default.css?s7btjk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/default.css?s7btjk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 18 Sep 2019 07:50:33 GMT
Server
nginx/1.6.2
ETag
"5d81e1c9-6c9"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1737
icons-classifieds.svg
www.ghi.ch/sites/all/themes/ghiv2/img/layout/
6 KB
6 KB
Image
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/img/layout/icons-classifieds.svg
Requested by
Host: www.ghi.ch
URL: https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
0560d47885fd902e61b6170349241e3f08c11b5104c89cc96c87942cbdd2d189

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-1787"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6023
payment-methods-footer.svg
www.ghi.ch/sites/all/themes/ghiv2/img/layout/
16 KB
16 KB
Image
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/img/layout/payment-methods-footer.svg
Requested by
Host: www.ghi.ch
URL: https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
aa313a04a170be24ceb3077a769316a83a39ce6eb38f582a7cf81e0836b7b3b7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-3ef8"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16120
icons-social-footer.svg
www.ghi.ch/sites/all/themes/ghiv2/img/layout/
1 KB
2 KB
Image
General
Full URL
https://www.ghi.ch/sites/all/themes/ghiv2/img/layout/icons-social-footer.svg
Requested by
Host: www.ghi.ch
URL: https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
1264958931eab9426e615b400fb244dd18f1b2d5613af5a88597a43aa98e0236

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.ghi.ch/sites/all/themes/ghiv2/css/style.css?s7btjk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 25 Apr 2018 16:43:47 GMT
Server
nginx/1.6.2
ETag
"5ae0b043-566"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1382
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,400italic,600italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ghi.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 00:41:53 GMT
x-content-type-options
nosniff
age
49848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 00:41:53 GMT
l
use.typekit.net/af/749bab/00000000000000000001735b/27/
28 KB
28 KB
Font
General
Full URL
https://use.typekit.net/af/749bab/00000000000000000001735b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
483c106ad74ceaa5508a38aef2f871ea75f137551a92aa902b0e930c44dc56c6

Request headers

Referer
https://ghi.ch/
Origin
https://ghi.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
server
nginx
etag
"da85e2a7467528e6e3814ae7ec5c4acd285af03d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28656
l
use.typekit.net/af/b628f6/00000000000000000001735d/27/
28 KB
28 KB
Font
General
Full URL
https://use.typekit.net/af/b628f6/00000000000000000001735d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
008a3711eeda51d66302ca371f26573e66f037c7c5f58d8f3fd27a46911db7c0

Request headers

Referer
https://ghi.ch/
Origin
https://ghi.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
server
nginx
etag
"7117c274c06842f27fc30493ef5832246b02bc80"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28432
l
use.typekit.net/af/27cb10/000000000000000000017361/27/
28 KB
29 KB
Font
General
Full URL
https://use.typekit.net/af/27cb10/000000000000000000017361/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f88e9b11e970546697e02269ed3875ff790094cbc3e82b083fd198b120e04015

Request headers

Referer
https://ghi.ch/
Origin
https://ghi.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
server
nginx
etag
"0b9c63ed8d3ce5df3f35f1a44641052e20e49647"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29128
l
use.typekit.net/af/3cbaa0/00000000000000000001735f/27/
28 KB
28 KB
Font
General
Full URL
https://use.typekit.net/af/3cbaa0/00000000000000000001735f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
25a5f2ed328af40ad2963bfbaccc0d8a4a75edd3f3d0b810c8d913840c959166

Request headers

Referer
https://ghi.ch/
Origin
https://ghi.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
server
nginx
etag
"2b8a661e30b7838f44f488d5dc9150f570157e99"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28292
getuidj
ib.adnxs.com/
11 B
566 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
an-x-request-uuid
1463c711-7fdf-479b-b5f0-a38a95bb3bb8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ghi.ch
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.87; 149.88.27.87; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
visitor-id
api.adnz.co/api/ws-convey/
20 B
636 B
Fetch
General
Full URL
https://api.adnz.co/api/ws-convey/visitor-id?url=https%3A%2F%2Fghi.ch%2F
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
010395b1e56a21a5f227cc0a914b959bfe8734420455c6662761abf32fb0b9d9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="Not used"
x-envoy-upstream-service-time
10
ratelimit-limit
100
alt-svc
h3=":443"; ma=86400
content-length
20
pragma
no-cache
server
cloudflare
etag
-9058284324266390090
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZpLt1gCSl2ijyOmsL6UDFZUAgVKk2wsiK%2FKQCvQSPeL9PctzevX%2B8uqlGD5l%2FmeVlz3xTtxQaJtmVDteezFijSOaMAmZadt7hjuZKmJ93%2BLhfbi5xmhkI9JkwLgJuezoEgJgonPYq3w"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://ghi.ch
access-control-expose-headers
ETag, Authorization
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
846f4f1a4f966abb-FRA
ratelimit-remaining
99
expires
-1
sdk.js
connect.facebook.net/fr_FR/
297 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
81577bd0ea832fcfe07f820a80787c0bc00711882be51676b68f375c2c283478
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ghi.ch/
Origin
https://ghi.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 17 Jan 2024 14:32:41 GMT
content-md5
A8qcUg53d4SRPDcyoia2LA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86999
reporting-endpoints
x-fb-debug
ogqJOnIcA4wviH92BxRJSKarG9LcsTmsL1fh64aUiF6WQdN8UePtPo9tnDOfj9Uc2oOZI+PNa77GL7kgz7w6eA==
x-fb-content-md5
4f9b6eb2f9e5acd176a2a28dcf846f24
cross-origin-opener-policy
same-origin-allow-popups
etag
"4505fbd7e3192bf252547e4a857e7ea1"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 16 Jan 2025 13:26:36 GMT
page-keywords
api.adnz.co/api/ws-semantiq/
38 B
345 B
Fetch
General
Full URL
https://api.adnz.co/api/ws-semantiq/page-keywords?url=https%3A%2F%2Fghi.ch%2F&tenantIds=1,579
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cabf5609dd3ca129d4a52f774801221dd9715298f4d99d36959ce24dc3c716ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains
x-content-type-options
nosniff
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-envoy-upstream-service-time
1
ratelimit-limit
100
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
https://ghi.ch
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LAvSAt%2F07bgqyhShi%2BVT3yod8Vk2BuLXMsPe60puvu0tpQDplSOcMB9DW1TPKpIAS%2FyBysi8MDywEW6uxGGqEgafCr1fw5IuIQvHSeV8QIDfzRXdL7Kv5i3qj3hQG09Jj%2Bmzrq0X7Be"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cf-ray
846f4f1a8c2b9259-FRA
ratelimit-remaining
99
expires
0
collect
www.google-analytics.com/j/
15 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1309656962&t=pageview&_s=1&dl=https%3A%2F%2Fghi.ch%2F&ul=en-us&de=UTF-8&dt=GHI%20-%20Le%20Journal%20ind%C3%A9pendant%20des%20Genevois&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1886369391&gjid=743101220&cid=35198788.1705501961&tid=UA-30411546-1&_gid=220783793.1705501961&_r=1&_slc=1&z=1462715231
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
d47944bd82b9ef3c1d379f8ee4665b5813ecb2ed1eebe30491bf25325fdf88ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ghi.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghi.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
230 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NV82SG5FE7&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bef889375eb885630d63d03237eafe7e740d61cf6f5dd2714585fa3e1c1b889e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83341
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 14:32:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 340D
96 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dc73cf9dd33526a930e48d8793434a0464cb8da75062a0cb18265de22c16788
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29321
x-xss-protection
0
server
cafe
etag
190 / 19739 / 31080487 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:32:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 67C5
96 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c588d2b62e71b035058e2ddafd36dcb449a36b95b00f9879e6919d96efc35d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29321
x-xss-protection
0
server
cafe
etag
904 / 19739 / 31080414 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:32:41 GMT
;ID=167055;size=1200x250;setID=203604;type=async;domid=placement_203604_0;place=0;pid=8203014;sw=1600;sh=1200;spr=1;rnd=8203014;referrer=https%3A%2F%2Fghi.ch%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
145 B
423 B
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167055;size=1200x250;setID=203604;type=async;domid=placement_203604_0;place=0;pid=8203014;sw=1600;sh=1200;spr=1;rnd=8203014;referrer=https%3A%2F%2Fghi.ch%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.246.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.246.55.162.clients.your-server.de
Software
nginx /
Resource Hash
873403a00e2e19143bdaf4fb4f272000a57a65b4d4c25a136f0cebf3ee7249fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
content-type
application/javascript
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
;ID=167055;size=720x360;setID=198743;type=async;domid=placement_198743_0;place=0;pid=8203014;sw=1600;sh=1200;spr=1;rnd=8203014;referrer=https%3A%2F%2Fghi.ch%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
servedbyadbutler.com/adserve/
145 B
423 B
Script
General
Full URL
https://servedbyadbutler.com/adserve/;ID=167055;size=720x360;setID=198743;type=async;domid=placement_198743_0;place=0;pid=8203014;sw=1600;sh=1200;spr=1;rnd=8203014;referrer=https%3A%2F%2Fghi.ch%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
Requested by
Host: servedbyadbutler.com
URL: https://servedbyadbutler.com/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.246.61 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.61.246.55.162.clients.your-server.de
Software
nginx /
Resource Hash
5df36b21fcd0ac346947fc6cbd8a13078c975938a9d2014c5216f10e7a42f966
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
p3p
CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
access-control-allow-origin
*
content-type
application/javascript
cache-control
post-check=0, pre-check=0
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
339 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30411546-1&cid=35198788.1705501961&jid=1912845552&gjid=665735652&_gid=220783793.1705501961&_u=aGDAgEABAAAAAGAAI~&z=1716457575
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ghi.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 17 Jan 2024 14:32:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghi.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
212 KB
56 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 14:32:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
zZbWg17cJ/yWqYtqX8efcNHZKHG4bthsEMeDqdnMl0UffYcmHIEtkc6fwmCZpBBptvXqxOn93T/pdf/0OnykVA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1309656962&t=pageview&_s=1&dl=https%3A%2F%2Fghi.ch%2F&ul=en-us&de=UTF-8&dt=GHI%20-%20Le%20Journal%20ind%C3%A9pendant%20des%20Genevois&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAACAAI~&jid=1912845552&gjid=665735652&cid=35198788.1705501961&tid=UA-30411546-1&_gid=220783793.1705501961&gtm=45He41a0n71NXTWTV&gcd=11l1l1l1l1&dma=0&z=1223677716
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 16:19:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
80019
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
thumb.png
assurance.sysnetgs.com/img/
8 KB
8 KB
Image
General
Full URL
https://assurance.sysnetgs.com/img/thumb.png
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.249.120.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-120-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
649c7cc2d02c35a7cf6856504fc8482df64752c8462fd5663d87209da4e7de72
Security Headers
Name Value
Content-Security-Policy default-src 'self' sysnetgs.com 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com fonts.gstatic.com; script-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
content-security-policy
default-src 'self' sysnetgs.com 'unsafe-inline' cdnjs.cloudflare.com fonts.googleapis.com fonts.gstatic.com; script-src 'self';
last-modified
Thu, 01 Jan 1970 00:00:01 GMT
x-download-options
noopen
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-dns-prefetch-control
off
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, must-revalidate
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=()
accept-ranges
bytes
content-length
7893
x-xss-protection
1; mode=block
arrows.png
www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/
824 B
1 KB
Image
General
Full URL
https://www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/arrows.png
Requested by
Host: www.ghi.ch
URL: https://www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/default.css?s7btjk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.ghi.ch/sites/all/libraries/nivo-slider/themes/default/default.css?s7btjk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Wed, 18 Sep 2019 07:50:32 GMT
Server
nginx/1.6.2
ETag
"5d81e1c8-338"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
824
ui-icons_222222_256x240.png
www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/images/
4 KB
5 KB
Image
General
Full URL
https://www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/images/ui-icons_222222_256x240.png
Requested by
Host: www.ghi.ch
URL: https://www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/jquery.ui.theme.min.css?s7btjk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.209.86 , France, ASN16276 (OVH, FR),
Reverse DNS
ns364552.ip-91-121-209.eu
Software
nginx/1.6.2 /
Resource Hash
57adb0d65f4e91dacfee975d9574422bee7486c8a182d60133728c672f2cdbbc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.ghi.ch/sites/all/modules/contrib/jquery_update/replace/ui/themes/base/minified/jquery.ui.theme.min.css?s7btjk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 17 Jan 2024 14:32:41 GMT
Last-Modified
Tue, 24 Jan 2023 16:58:55 GMT
Server
nginx/1.6.2
ETag
"63d00e4f-1111"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4369
p.gif
p.typekit.net/
35 B
205 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=lol7zte&ht=tk&h=ghi.ch&f=5898.5901.5902.5903&a=853215&js=1.21.0&app=typekit&e=js&_=1705501961495
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
last-modified
Fri, 28 Jul 2023 12:40:18 GMT
server
nginx
etag
"64c3b732-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
like.php
www.facebook.com/v2.4/plugins/ Frame 6410
0
119 B
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3930e1046db9d%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=440&href=https%3A%2F%2Fghi.ch%2Flaeroport-de-geneve-va-mieux&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
wbtKnjS6gmx5IKnPzTaFioTwB28pEGlyxk7vrBD4QK3K/BB+SMKFTjfGbZVMTMVLy+9ASdNtykpidEl6I3YHjg==
x-xss-protection
0
like.php
www.facebook.com/v2.4/plugins/ Frame 4E8F
0
117 B
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df17432caf572cb4%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fquoi-de-neuf-dans-le-ghi-de-cette-semaine&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
dUUAMdbR9pmfr3GiPwRV6owyS0ZDZtOm2hoH+Bq29Yu1gh9l86MAZH7KYdPzDDLoCTlraUkhLcucmjvRgWUoYg==
x-xss-protection
0
like.php
www.facebook.com/v2.4/plugins/ Frame FD0E
0
118 B
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df26020383be11e4%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fune-exposition-raconte-le-celebre-immeuble-la-clarte&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
xzez7NW4Ik1v2odE67C7JS82Ro1z/VdS0U8/v/hUYJVyz+i4BDE/8RQpRSWo3qIKSQAHzFSrc+cRwzxURnHv7w==
x-xss-protection
0
like.php
www.facebook.com/v2.4/plugins/ Frame 1A9E
0
118 B
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ae5c43420f3d8%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fdiabete-une-recherche-genevoise-met-en-evidence-le-role-des-graisses&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
Lf7frAYfFb4jZRN4CwfgyooTlar7A+cYOiap9YDRtJzPdREjYPESkM2+MIxAvwniTsJKT4h+tQwuM3cbipR/vg==
x-xss-protection
0
like.php
www.facebook.com/v2.4/plugins/ Frame F3F5
0
118 B
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c2b8dc9b4edf%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fselon-les-astres-2024-sera-une-annus-horribilis&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
w5rtoQxb9KEyfT6qtRDRmTnNMVfOqMGIxmXZqFnrsWiyIua+N1cug6vqGVQShqatXZgUck+pEc1PiMG3xrX2Hw==
x-xss-protection
0
like.php
www.facebook.com/v2.4/plugins/ Frame 4E30
0
116 B
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2943ae0cfe5d18%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fislande-terre-devasion-authentique&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
fBeAW17MQLyuqMNJzzT3azNmceSi4n/WQVuaHF1eeX4Y27pudM6y18HMjTinS1FaTfOqhRpePvoDM5TC1HftHw==
x-xss-protection
0
like.php
www.facebook.com/v2.4/plugins/ Frame BABF
0
116 B
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2e6e16dfad78c%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fle-boulevard-du-pont-darve-temporairement-rebaptise-rue-polluee&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
fQE+csGElsRN7uQZT3ih5NueAtd8uMB2bpRQyv4u4Nq5vHbs4wmW7hF2jX/1YRGzAijSs3ZVwbHfySRstblfrg==
x-xss-protection
0
like.php
www.facebook.com/v2.4/plugins/ Frame 8671
0
2 KB
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3314021c0f8cc8%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fsortie-cinema-mean-girls-un-remake-reussi-de-lolita-malgre-moi&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
wCgLYUpQ8y6xLkhQ6ceznlVBSWr/12/JxWWjuO5F7vd8dwjfHvcQNYo47StJ6x+T2+ov02Dc/PxhB5R+sVR1Pw==
x-xss-protection
0
like.php
www.facebook.com/v2.4/plugins/ Frame 6A1E
0
119 B
Document
General
Full URL
https://www.facebook.com/v2.4/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df263543ee963e8%26domain%3Dghi.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fghi.ch%252Ff6a13c10e041%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fghi.ch%2Fla-ville-de-geneve-active-son-plan-grand-froid&layout=button_count&locale=fr_FR&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=81bdff8187dc81cb94e96da8e2023437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options
nosniff
x-fb-debug
jRoqHmo7/2ra08loTYWOD97I+F2VBqTZhZpJ+Wk+6rcx97RRKkmbcIdZ4t5k4Iz5hjYhqyKJx0CzGwFw0qmOvw==
x-xss-protection
0
collect
region1.google-analytics.com/g/
0
247 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-NV82SG5FE7&gtm=45je41a0v9132042187&_p=1705501961274&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=35198788.1705501961&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fghi.ch%2F&dt=GHI%20-%20Le%20Journal%20ind%C3%A9pendant%20des%20Genevois&sid=1705501961&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=881
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NV82SG5FE7&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ghi.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
247506272403373
connect.facebook.net/signals/config/
141 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/247506272403373?v=2.9.140&r=stable&domain=ghi.ch
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e322b56db69d01b0995c0410050c79f60f752f079ef9d0c5949a96c4e4f7f2e9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 17 Jan 2024 14:32:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
jEm8alA5n3OxT6XA6Ysh6qiy1sOnSewdtVA8xB/4sSIoJjrIWWnnQEEPtnaHdw6wt14o6jMAJcxZAtG0dmwXxQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), fullscreen=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
v3
ib.adnxs.com/ut/ Frame
0
0
Preflight
General
Full URL
https://ib.adnxs.com/ut/v3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,pragma,x-is-test
Access-Control-Request-Method
POST
Origin
https://ghi.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
cache-control,pragma,x-is-test
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://ghi.ch
access-control-max-age
86400
an-x-request-uuid
ea9b4f54-3d8c-4c6a-99b9-ca2d67ff5636
cache-control
no-store, no-cache, private
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
149.88.27.87; 149.88.27.87; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
ast.js
acdn.adnxs.com/ast/
116 KB
39 KB
Script
General
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9db9ff5cf7743937b33d2929fbceccfe44e696bef7c79255c7c15faaf76d17ff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires
Fri, 15 Dec 2023 19:26:18 GMT
Date
Wed, 17 Jan 2024 14:32:41 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
68694
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
39617
X-Served-By
cache-lga21942-LGA, cache-mxp6929-MXP
Last-Modified
Thu, 14 Dec 2023 19:22:30 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1705501962.619248,VS0,VE0
ETag
W/"657b55f6-1d04c"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
163024, 13880
v3
ib.adnxs.com/ut/
556 B
842 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f199829a254e912e6053d741adaab4e79c70b48f09f7952eea12c19605b09e73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

pragma
no-cache
cache-control
no-cache
Referer
https://ghi.ch/
X-Is-Test
0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
gzip
an-x-request-uuid
1bdfbfe6-9baf-4ce9-a881-27a722e5d07c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ghi.ch
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.87; 149.88.27.87; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/
38 B
315 B
Fetch
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=805184&v=7.2&r=%7B%22id%22%3A%225969441294656195%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22adnz_wideboard_1_1200x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%221200x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_1_994x118%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22994x118%22%7D%2C%22banner%22%3A%7B%22w%22%3A994%2C%22h%22%3A118%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_1_728x90%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_1_1200x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%221200x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A1200%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_1_800x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22800x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A800%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_1_970x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_1_994x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22994x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A994%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_2_994x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22994x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A994%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_2_994x118%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22994x118%22%7D%2C%22banner%22%3A%7B%22w%22%3A994%2C%22h%22%3A118%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_2_728x90%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_2_800x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22800x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A800%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_2_970x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_2_994x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22994x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A994%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_3_994x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22994x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A994%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_3_994x118%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22994x118%22%7D%2C%22banner%22%3A%7B%22w%22%3A994%2C%22h%22%3A118%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_3_728x90%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_3_800x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22800x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A800%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_3_970x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_wideboard_3_994x250%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22994x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A994%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_halfpage_1_160x600%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fghi.ch%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D&ac=j&sd=1
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b5c570844a825315864dd9857f58f196fa8a9226d3d1170f9d167c1333cc46

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FWYXyAs35K2qIMGayDoKAqyHTWMfsypuomukFjNl85Fai%2FMA4rnHGG7GnTfjihsO1LkeLfMYdBKkR6Fbl9uxpZN57JTT%2BK3ARwMo4FRjABVL2oBE0AnNnLOvvXaMlfuC4Fs2a0W40i8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ghi.ch
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846f4f1c1e8b9219-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
cygnus
as-sec.casalemedia.com/
38 B
666 B
Fetch
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=805184&v=7.2&r=%7B%22id%22%3A%225969441294656195%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22adnz_halfpage_1_160x600%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22adnz_halfpage_1_300x600%22%2C%22ext%22%3A%7B%22siteID%22%3A%22805184%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fghi.ch%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%7D&ac=j&sd=1
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b5c570844a825315864dd9857f58f196fa8a9226d3d1170f9d167c1333cc46

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FgEt2uVBzu7eB54ehJHgUVEocUy%2B92f8ksa4mys1Zah3nZkqZYnrrB%2Fn5A1c1nyT6anmWkCJJUMSqxQ2SRW3%2BoiAJinXnsfXnVoBdWvpU7I14L2CW%2BMhfmASIsr1joB6doytiBqU9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ghi.ch
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
846f4f1c1e8a9219-FRA
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
v3
ib.adnxs.com/ut/
19 B
856 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
an-x-request-uuid
2dacb415-399b-475e-b90d-54d72b1b6269
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ghi.ch
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
149.88.27.87; 149.88.27.87; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.facebook.com/tr/
0
136 B
Image
General
Full URL
https://www.facebook.com/tr/?id=247506272403373&ev=PageView&dl=https%3A%2F%2Fghi.ch%2F&rl=&if=false&ts=1705501961660&sw=1600&sh=1200&v=2.9.140&r=stable&ec=0&o=4126&fbp=fb.1.1705501961659.385344617&cs_est=true&ler=empty&it=1705501961538&coo=false&rqm=GET
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 17 Jan 2024 14:32:41 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/ Frame 340D
430 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:37:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
68125
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138464
x-xss-protection
0
server
cafe
etag
13337571285874554267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 15 Jan 2025 19:37:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 340D
675 B
342 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ghi.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0820581b362388f72193dea4f4a010e90923a5279d6ef1627548ddcfde45443d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:32:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 340D
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcf359c56991fc7e5065d4d16544798f3b7a039aced1a793bd89a4e2a1fb8c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29628
x-xss-protection
0
server
cafe
etag
491 / 19739 / m202401100101 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:32:41 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/ Frame 67C5
438 KB
138 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080414
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 20:44:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
64093
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140824
x-xss-protection
0
server
cafe
etag
1760809391848743662
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 15 Jan 2025 20:44:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 67C5
675 B
342 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ghi.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0820581b362388f72193dea4f4a010e90923a5279d6ef1627548ddcfde45443d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:32:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 67C5
97 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/header.js?adTagId=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e129ae7a34cd327c4265faa399d909e4e35f3edad3b15b75691c857f4f28b05a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29628
x-xss-protection
0
server
cafe
etag
309 / 19739 / m202401100101 / config-hash: 17283158720879652238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:32:41 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 340D
31 KB
13 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4434582859385943&correlator=3209805898320158&eid=31079233%2C31080487&output=ldjh&gdfp_req=1&vrg=202401110101&ptt=17&impl=fif&iu_parts=96628199%2Cfr_ghi.ch_v2%2Cfr_ghi.ch_v2_1850&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=994x118%7C728x90%7C1200x250%7C800x250%7C970x250%7C994x250%7C1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705501961844&lmt=1705501961&adxs=800&adys=20&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4vugradst66n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fghi.ch%2F&ref=https%3A%2F%2Fghi.ch%2F&top=https%3A%2F%2Fghi.ch%2F&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ga_vid=35198788.1705501961&ga_sid=1705501962&ga_hid=833538808&ga_fc=true&dlt=1705501961418&idt=400&ppid=00000009058284324266390090unblhd&prev_scp=hb_pb%3D0.30&adks=3975924159&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b7f6ad512c2977e234b777fb135b2e6b17825b365ee18f4d563330c06262151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13314
x-xss-protection
0
google-lineitem-id
6401070699
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138293562321
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ghi.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame 340D
732 B
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
29431
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eg3J%2BkxmvZ81vIAVkRO6%2F%2Fzxw2IkUDUZb5UEax2NeQixnSHIzI%2BQv%2FPrp2Ed%2B5pkW5JlX7cVyv3IQKycebjwHktnU3EpNDMzpBj2rjNf8yaYCBo98YruNrLmgHWcjLfdpZEmWoiAkWhMR4nM7YI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
846f4f1dda999293-FRA
esp.js
cdn.id5-sync.com/api/1.0/ Frame 340D
114 KB
29 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 08 Jan 2024 11:20:59 GMT
server
cloudflare
x-amz-request-id
P0SZRWJEMT596H4H
age
33
etag
W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
846f4f1deb5e9156-FRA
x-amz-id-2
RORF20IXLdr6MKVZ6gGDqsw7FtjxeaKZU61L3w5T8KA1Ev4Ua4nrbPMzr1zVoIDwrbGXWcZF7AwcDD8FsCrr7A==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ Frame 340D
1 KB
1 KB
Script
General
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
3409049372e4f2cdd7bdad943b37e14e
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ Frame 340D
39 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-28.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 05:37:13 GMT
content-encoding
gzip
via
1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
32129
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
4aY93Eh54aiyYcWR2K_ZAcW1Td9b0JWSplVg2T_z6ezQW-kKK8O9bA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ Frame 340D
3 KB
3 KB
Script
General
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:d200:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 17 Jan 2024 09:17:41 GMT
Via
1.1 2551fa016e0e39646c40c584001d7b4e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P1
Age
18901
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
RItojhVsSiq55J7fnNDIaYcxCLGhnokJY7BjeB5_J0cb9rnns0VXoA==
esp.js
oa.openxcdn.net/ Frame 340D
24 KB
8 KB
Script
General
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 10:53:29 GMT
content-encoding
gzip
age
531552
x-guploader-uploadid
ABPtcPpaztn71wKaQGLNEshY3uYQC9zk4DEfMemTKNxLTA3dFEDOJPhbr_vbb44BDT6DUl_Utna-hLdKcLDt9DGrFs_4iA7YcO0w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Fri, 10 Jan 2025 10:53:29 GMT
publishertag.ids.js
static.criteo.net/js/ld/ Frame 340D
41 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 10 Jan 2024 15:13:35 GMT
server
nginx
etag
W/"659eb41f-a585"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 18 Jan 2024 14:32:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 340D
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401110101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6a8e025663bcd1a0d949efbb4c5a8823006505d8b50f7f2328910ce0af7fda6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12170
x-xss-protection
0
container.html
1687ca191c1e83f1cf89e47f5922b8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1830
6 KB
3 KB
Document
General
Full URL
https://1687ca191c1e83f1cf89e47f5922b8ed.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:32:41 GMT
expires
Thu, 16 Jan 2025 14:32:41 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
batch
api.adnz.co/api/ws-events-sink/
0
0
Fetch
General
Full URL
https://api.adnz.co/api/ws-events-sink/batch?visitorId=-9058284324266390090&hash=&uid=&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImV2ZW50SWQiOjg1OTYwMzM3MDU3NDIyOSwicGFnZUltcHJlc3Npb25JZCI6MzY4NjQyNzU5NjQ1NTUxMywidXJsIjoiaHR0cHM6Ly9naGkuY2gvIiwiYm9keSI6e319LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJldmVudElkIjoxNDU0ODcyMzIzMDk2ODcsInBhZ2VJbXByZXNzaW9uSWQiOjM2ODY0Mjc1OTY0NTU1MTMsInVybCI6Imh0dHBzOi8vZ2hpLmNoLyIsImJvZHkiOnsiYWRUYWdJZCI6MTAzLCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIxODUwIn19LHsidHlwZSI6IkhFQURFUl9ET01fRk9VTkQiLCJldmVudElkIjo3NTkxOTA5NTY0ODgyNjQ3LCJwYWdlSW1wcmVzc2lvbklkIjozNjg2NDI3NTk2NDU1NTEzLCJ1cmwiOiJodHRwczovL2doaS5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjEwMywiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIxODU3In19LHsidHlwZSI6IkhFQURFUl9DQU5fQkVfUFJFTE9BREVEIiwiZXZlbnRJZCI6MTcxMTQ0NDE5NTY3MzY2NywicGFnZUltcHJlc3Npb25JZCI6MzY4NjQyNzU5NjQ1NTUxMywidXJsIjoiaHR0cHM6Ly9naGkuY2gvIiwiYm9keSI6eyJhZFRhZ0lkIjoxMDMsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjE4NTAifX0seyJ0eXBlIjoiSEVBREVSX0NBTl9CRV9QUkVMT0FERUQiLCJldmVudElkIjo1NTk1MzY4OTQ1NTczNjQ5LCJwYWdlSW1wcmVzc2lvbklkIjozNjg2NDI3NTk2NDU1NTEzLCJ1cmwiOiJodHRwczovL2doaS5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjEwMywiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIxODU3In19LHsidHlwZSI6IkhFQURFUl9DQU5fQkVfU0hPV04iLCJldmVudElkIjoyNTk5OTQyNDk0ODMyNjgzLCJwYWdlSW1wcmVzc2lvbklkIjozNjg2NDI3NTk2NDU1NTEzLCJ1cmwiOiJodHRwczovL2doaS5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjEwMywiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoiMTg1MCJ9fSx7InR5cGUiOiJIRUFERVJfQ0FOX0JFX1NIT1dOIiwiZXZlbnRJZCI6Mzc2NjE4ODA3MDA4NjQ2NSwicGFnZUltcHJlc3Npb25JZCI6MzY4NjQyNzU5NjQ1NTUxMywidXJsIjoiaHR0cHM6Ly9naGkuY2gvIiwiYm9keSI6eyJhZFRhZ0lkIjoxMDMsImRpdklkIjoiYWRuel9oYWxmcGFnZV8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoiMTg1NyJ9fSx7InR5cGUiOiJCSURfUkVRVUVTVCIsImV2ZW50SWQiOjE1NDQ1NjUwMjQwMjc1MSwicGFnZUltcHJlc3Npb25JZCI6MzY4NjQyNzU5NjQ1NTUxMywidXJsIjoiaHR0cHM6Ly9naGkuY2gvIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjEwMyIsImNyZWF0ZWQiOjE3MDU1MDE5NjE2OTgsInJlcXVlc3RJZCI6IjU5Njk0NDEyOTQ2NTYxOTUiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSIsIlhBTkRSX0JBTk5FUiJdLCJzaXplcyI6WyIxMjAweDI1MCIsIjk5NHgxMTgiLCI3Mjh4OTAiLCIxMjAweDI1MCIsIjgwMHgyNTAiLCI5NzB4MjUwIiwiOTk0eDI1MCJdLCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEifX0seyJ0eXBlIjoiQklEX1JFUVVFU1QiLCJldmVudElkIjo0ODEyMjk1MjM1MzkyMzczLCJwYWdlSW1wcmVzc2lvbklkIjozNjg2NDI3NTk2NDU1NTEzLCJ1cmwiOiJodHRwczovL2doaS5jaC8iLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTAzIiwiY3JlYXRlZCI6MTcwNTUwMTk2MTY5OCwicmVxdWVzdElkIjoiNTk2OTQ0MTI5NDY1NjE5NSIsImJpZGRlcnMiOlsiQVBQTkVYVVMiLCJURUFEUyIsIklYIiwiQU1BWk9OIiwiQkMiLCJCVEEiLCJDT0RFIiwiWEFORFJfQkFOTkVSIl0sInNpemVzIjpbIjk5NHgyNTAiLCI5OTR4MTE4IiwiNzI4eDkwIiwiODAweDI1MCIsIjk3MHgyNTAiLCI5OTR4MjUwIl0sImRpdklkIjoiYWRuel93aWRlYm9hcmRfMiJ9fSx7InR5cGUiOiJCSURfUkVRVUVTVCIsImV2ZW50SWQiOjQ2MDEyNzQ1OTI3MzgxMTMsInBhZ2VJbXByZXNzaW9uSWQiOjM2ODY0Mjc1OTY0NTU1MTMsInVybCI6Imh0dHBzOi8vZ2hpLmNoLyIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxMDMiLCJjcmVhdGVkIjoxNzA1NTAxOTYxNjk4LCJyZXF1ZXN0SWQiOiI1OTY5NDQxMjk0NjU2MTk1IiwiYmlkZGVycyI6WyJBUFBORVhVUyIsIlRFQURTIiwiSVgiLCJBTUFaT04iLCJCQyIsIkJUQSIsIkNPREUiLCJYQU5EUl9CQU5ORVIiXSwic2l6ZXMiOlsiOTk0eDI1MCIsIjk5NHgxMTgiLCI3Mjh4OTAiLCI4MDB4MjUwIiwiOTcweDI1MCIsIjk5NHgyNTAiXSwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8zIn19LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiZXZlbnRJZCI6ODg3MjA2NzE0MTM5Njc2OSwicGFnZUltcHJlc3Npb25JZCI6MzY4NjQyNzU5NjQ1NTUxMywidXJsIjoiaHR0cHM6Ly9naGkuY2gvIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjEwMyIsImNyZWF0ZWQiOjE3MDU1MDE5NjE2OTgsInJlcXVlc3RJZCI6IjU5Njk0NDEyOTQ2NTYxOTUiLCJiaWRkZXJzIjpbIkFQUE5FWFVTIiwiVEVBRFMiLCJJWCIsIkFNQVpPTiIsIkJDIiwiQlRBIiwiQ09ERSIsIlhBTkRSX0JBTk5FUiJdLCJzaXplcyI6WyIxNjB4NjAwIiwiMTYweDYwMCIsIjMwMHg2MDAiXSwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEifX0seyJ0eXBlIjoiSEVBREVSX0FVQ1RJT04iLCJldmVudElkIjo2ODMwMjgxOTEyOTU5NDkxLCJwYWdlSW1wcmVzc2lvbklkIjozNjg2NDI3NTk2NDU1NTEzLCJ1cmwiOiJodHRwczovL2doaS5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjEwMywiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoiMTg1MCJ9fSx7InR5cGUiOiJIRUFERVJfQVVDVElPTiIsImV2ZW50SWQiOjU0MDQ1MzMzNTU4MTIxNjksInBhZ2VJbXByZXNzaW9uSWQiOjM2ODY0Mjc1OTY0NTU1MTMsInVybCI6Imh0dHBzOi8vZ2hpLmNoLyIsImJvZHkiOnsiYWRUYWdJZCI6MTAzLCJkaXZJZCI6ImFkbnpfaGFsZnBhZ2VfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjE4NTcifX0seyJ0eXBlIjoiSEVBREVSX0FMTE9XRUQiLCJldmVudElkIjo2NzAyOTE2MjIxMjAyNDIzLCJwYWdlSW1wcmVzc2lvbklkIjozNjg2NDI3NTk2NDU1NTEzLCJ1cmwiOiJodHRwczovL2doaS5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjEwMywiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoiMTg1MCJ9fSx7InR5cGUiOiJIRUFERVJfQUxMT1dFRCIsImV2ZW50SWQiOjYxNzcwNTE0OTc3NzIzMzMsInBhZ2VJbXByZXNzaW9uSWQiOjM2ODY0Mjc1OTY0NTU1MTMsInVybCI6Imh0dHBzOi8vZ2hpLmNoLyIsImJvZHkiOnsiYWRUYWdJZCI6MTAzLCJkaXZJZCI6ImFkbnpfaGFsZnBhZ2VfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjE4NTcifX0seyJ0eXBlIjoiSEVBREVSX0dQVF9JTkpFQ1RFRCIsImV2ZW50SWQiOjQwODg0NTU5MDE4MTgyNjUsInBhZ2VJbXByZXNzaW9uSWQiOjM2ODY0Mjc1OTY0NTU1MTMsInVybCI6Imh0dHBzOi8vZ2hpLmNoLyIsImJvZHkiOnsiYWRUYWdJZCI6MTAzLCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIxODUwIn19LHsidHlwZSI6IkhFQURFUl9HUFRfSU5KRUNURUQiLCJldmVudElkIjo1OTQyOTc3NDU2MTMxNjg5LCJwYWdlSW1wcmVzc2lvbklkIjozNjg2NDI3NTk2NDU1NTEzLCJ1cmwiOiJodHRwczovL2doaS5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjEwMywiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIxODU3In19XQ%3D%3D
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:41 GMT
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1wNTi6pa8olFw35q%2BudpnGPIcF022az5mqjJFzB6fU3RvEmcItm0CIYq7QeLjrWPu6f5aouGCkPyLeuC58HSCQS14XfQcJeYh45fF2pp0Cp1eeSYvNb9vp1g9ssSslt057vm4d%2F6Zvf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://ghi.ch
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
846f4f1dae6b3a5c-FRA
ratelimit-remaining
99
alt-svc
h3=":443"; ma=86400
map
bcp.crwdcntrl.net/6/ Frame 340D
156 B
607 B
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.29.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-29-7.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fee802222dd84927c4e5a92a9bf5d91e3103da06ad11dab45a4d6e0f9a5a2f69

Request headers

Referer
https://ghi.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ghi.ch
cache-control
no-cache
x-server
10.45.25.211
access-control-allow-credentials
true
content-length
156
expires
0
esp
oajs.openx.net/ Frame 340D
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fghi.ch%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fghi.ch%2F&rid=esp&cc=1
85 B
194 B
Fetch
General
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fghi.ch%2F&rid=esp&cc=1
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
4e118ec6f7aa2d7b7971712964ce6b2b0c3ad3e0a7dd747619d2ec9b137df60c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-1THsFQvT0GyYX6DWaXLBDfd7SSA"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ghi.ch
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 17 Jan 2024 14:32:42 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://ghi.ch
location
/esp?url=https%3A%2F%2Fghi.ch%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
increment
id5-sync.com/api/esp/ Frame 340D
0
222 B
XHR
General
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ghi.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ghi.ch
date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame FBE0
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ghi.ch
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:32:41 GMT
server
Kestrel
server-processing-duration-in-ticks
444053
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
ads
securepubads.g.doubleclick.net/gampad/ Frame 67C5
31 KB
13 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3061029612229805&correlator=4348672047830555&eid=31080414&output=ldjh&gdfp_req=1&vrg=202401100101&ptt=17&impl=fif&iu_parts=96628199%2Cfr_ghi.ch_v2%2Cfr_ghi.ch_v2_1857&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C300x600%7C1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1705501961967&lmt=1705501961&adxs=1250&adys=615&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=rtl0dyooq4k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fghi.ch%2F&ref=https%3A%2F%2Fghi.ch%2F&top=https%3A%2F%2Fghi.ch%2F&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ga_vid=35198788.1705501961&ga_sid=1705501962&ga_hid=2004791790&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_NzavtExSABSAghkEhkKCnB1YmNpZC5vcmcYyd3avtExSABSAghqEhcKCHJ0YmhvdXNlGNTd2r7RMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRj83Nq-0TFIAFICCGQSGQoKdWlkYXBpLmNvbRj83Nq-0TFIAFICCGQSFAoFb3BlbngY_NzavtExSABSAghkEhsKDGlkNS1zeW5jLmNvbRj83Nq-0TFIAFICCGQ.&dlt=1705501961426&idt=441&ppid=00000009058284324266390090unblhd&prev_scp=hb_pb%3D0.30&adks=2780614994&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5a5b7dd74e4aab3780885d9ba4ea7ef2d6c4fd2d0745714a317c3594ba1000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13701
x-xss-protection
0
google-lineitem-id
6401070699
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138299349130
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ghi.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 67C5
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76b06e3c8015d09aee8de519b899b9d9f8ccd5c1e033d4a2869acdf9837c7bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12405
x-xss-protection
0
container.html
f67b524e3b8b8f1cf1d31904365a46d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B9C
6 KB
3 KB
Document
General
Full URL
https://f67b524e3b8b8f1cf1d31904365a46d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:32:42 GMT
expires
Thu, 16 Jan 2025 14:32:42 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 340D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 14:32:42 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 67C5
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 14:32:42 GMT
sid
mug.criteo.com/ Frame FBE0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ghi.ch&sn=ChromeSyncframe&so=0&topUrl=ghi.ch&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=-a-nY3xUejg5Qkt1LzU5cVdVVjNxemtWdXJ3dmpTcnBZVlg2QW9vejFSenV4bitOQUtNQWJGSHhOd2VPbEpEd3J0OWlMekFMb21JRGM5a3ZvODhKanY1VUJjSXVaaEM3bSsyNjhpZ3ArN0lxYm5aeU1HeW9PYnNVWGduL2...
436 B
659 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=-a-nY3xUejg5Qkt1LzU5cVdVVjNxemtWdXJ3dmpTcnBZVlg2QW9vejFSenV4bitOQUtNQWJGSHhOd2VPbEpEd3J0OWlMekFMb21JRGM5a3ZvODhKanY1VUJjSXVaaEM3bSsyNjhpZ3ArN0lxYm5aeU1HeW9PYnNVWGduL2k2S3JLQVBzdzAzT1QraHM0RlV2QlMxcUV4SGllRTdzWkZYU1o1Qy8yUkYwQVpiRnBkU0FzUkVEVGtZQUVZZEt3VTczc21MT2IzZFZSZG5vYXhxc3JtSDFFVFBRRUx6TTBSMFBoM0NKUjdvTklpeEVJU3VRcTgyRHdWMktObjdQUUF1VW9iVEY2eW1DN2RaZm9pcExOV0hUdmRLYVJRQT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
94ffef8ef634363cd7fcf1a09d52894aa1d8ff231491878f21f2aa0b64da5018
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1409406
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=-a-nY3xUejg5Qkt1LzU5cVdVVjNxemtWdXJ3dmpTcnBZVlg2QW9vejFSenV4bitOQUtNQWJGSHhOd2VPbEpEd3J0OWlMekFMb21JRGM5a3ZvODhKanY1VUJjSXVaaEM3bSsyNjhpZ3ArN0lxYm5aeU1HeW9PYnNVWGduL2k2S3JLQVBzdzAzT1QraHM0RlV2QlMxcUV4SGllRTdzWkZYU1o1Qy8yUkYwQVpiRnBkU0FzUkVEVGtZQUVZZEt3VTczc21MT2IzZFZSZG5vYXhxc3JtSDFFVFBRRUx6TTBSMFBoM0NKUjdvTklpeEVJU3VRcTgyRHdWMktObjdQUUF1VW9iVEY2eW1DN2RaZm9pcExOV0hUdmRLYVJRQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
301254
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E0B2
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3078
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 13:41:24 GMT
expires
Thu, 16 Jan 2025 13:41:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A1D8
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a15da7811c03c5464103d49b68dfacf6f2ea98238b8ca1678920dfb285ad721c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1sd3ft3tcXxGB73zbtAEhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-1sd3ft3tcXxGB73zbtAEhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:32:42 GMT
expires
Wed, 17 Jan 2024 14:32:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame E0B2
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
9330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 11:57:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A61
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
3078
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 13:41:24 GMT
expires
Thu, 16 Jan 2025 13:41:24 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BF45
829 B
770 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd2d6372ee984b80d8b07ae17afb6f4dbcbb62425a5bb2fd25d9c65fbb8efed7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HBtXrhG9o5rgE3IGHYcZSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HBtXrhG9o5rgE3IGHYcZSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:32:42 GMT
expires
Wed, 17 Jan 2024 14:32:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 8A61
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
9330
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 11:57:12 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A1D8
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401110101&jk=4434582859385943&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame BF45
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401100101&jk=3061029612229805&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 6A9A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN_RyELiHJcn5alE3r9BmYH_09QPPdWXZ-BluR6JZQ6QmeBobw3YBpnP_0TKRR3dcsWP9GebFFWAUMySFt09VA9F7Xdo3wDYwoFeThxu_a7lIRSyrIVwJLyjHlDT7R3Ep8blRxXz5ff7NW8MkCGPw9tnqQR0MUKKQOxFHVt-7ML7x9hYsNZLO_QVrYAVRh_kFRmH9EKwAXrPjT0lk-Xlt8l7d63gr6YT2LHVLWtZCzIL6el_u-Fl0HqkE4WXt-v6pQNW8DJc94e92YaWzYSVjTRWZ1FWKZwXwWbW_aV_3SYU7Ff2thb_RqOguRlDtXBn_DrkgiowCDxffY2z1tUozZUFC8W6uR4ntDwInmzQzr4TiysvOac7bFnMy0R58C12Y&sai=AMfl-YQWgIQ8lWHNDryzDG29914bgZrpUqmNR4UKyqzP1OGWUtpyY1RxvrvhoMnkDAa5v0wNul-F4VBB00xi1t_5zVrPQTkWZ6Ibnc3h13P7QA4bNGanVBqMt2skj7uIuFds4UHeH8TeCZaNrXS_Iry221KVjj1KhI3gzEdC8_1YOcu2Nzsy&sig=Cg0ArKJSzMegNY7zq9DvEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:32:42 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6A9A
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401110101/pubads_impl.js?cb=31080487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:32:42 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 7A54
703 B
861 B
Document
General
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7e5374ec3878dcb2532712e65a9e83ddabca96035cbc2da83c64afae8dbfaf29

Request headers

Referer
https://ghi.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
445
content-type
text/html
date
Wed, 17 Jan 2024 14:32:42 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
generate_204
tpc.googlesyndication.com/ Frame E0B2
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?O7-EwA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 8A61
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Bn53Nw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
eu-u.openx.net/w/1.0/ Frame 7A54
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5509776753783892683
43 B
97 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5509776753783892683
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5509776753783892683
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7A54
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=7f8e14c6-07e7-ca09-06c6-af293839dded
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=7f8e14c6-07e7-ca09-06c6-af293839dded&dcc=t
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=7f8e14c6-07e7-ca09-06c6-af293839dded&dcc=t
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:32:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P4YHTEFW63EH3BZNS2CV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 14:32:42 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1X0ACT6YWY6E5V45ECTQ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=7f8e14c6-07e7-ca09-06c6-af293839dded&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 7A54
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=275868bb-1b4d-71f3-c6c8-2dbe500a160d&gdpr=0
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 7A54
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MGIzN2JiNzEtZDIzYS0yZjU3LWQzMjgtNzcwNzlhZThkODZk
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7A54
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJgFxBGN0r7ijZRXFLdpy_Q&google_cver=1
43 B
171 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJgFxBGN0r7ijZRXFLdpy_Q&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 14:32:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJgFxBGN0r7ijZRXFLdpy_Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0CA6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuw-d66EY1iglFSLVv8VPsNsYEQfA1cE58wjunNVp2g51akM0N21JrW4MblzdEoPNKJzJuA3WnvE0EYiRE4n5BLqREKlENCYt0Iflf0Zv7CnMUKDQoTZpYv0GET65ZwmpPwJ9lf53EYyseRxFeZe3DWSrAS11_sGi33nIjorkK0jUti511qr1lVbviimLR6ubFnbu_H46BSnOwxzoECPnX5-cFFPmD1yj7SgtflBXuXlHRH8Q5ugqt-bU9vU9Af5A99jGecUW3NXtVoRHHMhqfdgCTnKYY3cwTpgD_x3TPaKrVDJkShzdDJ03DMlPOnjjx-1cwPN9jbwlp5YCvyQJKm858YCo-IAt7ye32Qwk2YvzGNHt4mfo_wP6nUUf7413g&sai=AMfl-YTDSRiMu1A0aJKDr-uTsJeya6GuhWrp5-88t85IaRqU0T2Rbt_fYmvMpwQWjt2IOLR0YumFmb5zm10eI24yyCq7wL3bv8AeurKAA5Sw0fbo5Ri1ox1reWWIBAnKKWaMkpcieE-B3kzagHuGME7sPFcBXB5yKrXybnsw86TT2vOG5EdqMiHFO07NzeFjRpheEVjNcrSCO2HM-zQsISDbeXExx7qgOj5mC-ubSASlfFajcA&sig=Cg0ArKJSzF2CwYKmNNo3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: ghi.ch
URL: https://ghi.ch/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0CA6
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401100101/pubads_impl.js?cb=31080414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 14:32:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6A9A
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkIg0Ut8AqWVC2v_lHiRIDirQWV9eOySETN6KU0I2El-cq6ZIrTSDZ2O82TpJ_o_dERj7B1-6nkrV5Pwx_hIbly53GMe6V83l2tFQQAEEfktXoaW5Af8chej49P398MKc95CYmiNgVo_N2A_pZL9DAbUk9qNRLUZWSbDrTCVDzLOTNnvHsRAUb4jADh4SRcRe3NIo58w5xVr5aLZzF-Ny8lgGhenzLie5vDY0bGUEbfCTKsvwlzHzKw9WMXYFtdU8_HjH6u7mj23Z8cder5ICWegpSC9TY7bRYh7FfQU_S3PMq4SK1A3C9x4MT7YuhM-XnZ3hmvVeqGe5gi8GBiuNL3v1lJsC38eeuKStVeJdxC_U2lh71iYyIxza2LxT3wDzZJg&sai=AMfl-YQYcn-Xp7plsjHhPGZsXRzm_78bmhmcix3TRSSiCH8bIvmXiqwfBdttRqUvCDgLTCsolDmIBXiN4xqWotsCczwm6M-9PdeNp8QkCpauhEzSKhQ7LQCLIYk_N3k0HpUDJM2hfLEQx_QZQPpCU9CEOTu3h_6uOeqyAtuIA49pJ0RiN54F&sig=Cg0ArKJSzC2q3RLW2iLkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:32:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0CA6
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYU932jPHZwykSmFlBz5iwITFH7dlNfZtn08N4EdCygo1Y8CXn_fMGOSksD7NkknEOVRRQOPD4-f1algPMUIBTsYnYU67wiJjH2URDE2AHnMw2nu1GuSpXGUFhjBHu7eWTdWuwHgobY1W_5MdgvTpO6lt09VrlT2xFZTDFo1Hmd48bWt_ERn-ZzNi4WDi5EAv-z2x-fNtJDXGw4UcRS6k8WjCfWNMTbOloinqi8nS0dKtOJIJGjVnUmWgfG5AZ7br9Pah9GlOIrIxEL5jNSr5R4rfgOmJ_9PojNmpurXLgceeVmbjIshDfBxNFJuDClgTPdD0EqqYOKRReH8D2JP_tQwBvBm5jdQuf2FmTBjymW5xJ1ZEECpIDkUusyvgzIbNCJw&sai=AMfl-YRljnMENkxjClGLuJ8zAL-WA80yd-dmU4NZioEPIwu30lFKWKOKAxPQwPGCwPSDhf4oTAVQYrhqZu0SQIvimvC-6DIF0CbVLIBdrDJccA1i2alf5JGyGZHB6_mUbz89vR8Cqg2kRK3kHzNAdcro4NmNfMuvoNvoqA53mkosp-kZiqlJ2xFETFsjv2C8oXEwTvBFLo7c_bPGgvp7LIxJfe7YvrProSHW-V5CcU71g2WGBw&sig=Cg0ArKJSzLqK2Tl3rpUdEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 14:32:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 340D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401110101&jk=4434582859385943&bg=!ODulO3TNAAa8BdJLnAU7ADQBe5WfOIMSLXQCMy58k-WS8IrJb0tn1XyERwdGCtRIvKU6Oc7tcRGnp9Rb9owbSMrzKvG5AgAAAFNSAAAAAWgBB5kC1pCq8AqfQmeEKCD2eVs0hieFm045jnmk0KPUNQu9Rk8WDlf2u4lrj-WOpT-jGtR4kqUAx1KFwjUAhwOoceY75PSnQl4v7if2grIUpWva0iqfMxpwLJjwMPbWBByodVtJTvb14lSTEcppe7eIQhqVlMKRExcPstr9E3mK2jNzQyaVF29wdmFlR52eUJR2hX9BhRkkjI40au0LKz-1l8NihvCP_eJVRSXqC1d-39u9-NOFHGWA2c2QNf7GHGSgIK7wyKr3ETGuuSiKA67cxUkB_Um6eKRm4a0nBumYZfn5Btkx19goAS6NvSlp06jfr2IPGqPEIXsQYkd6doZFfWxusrWan1MubHMTz9HV0igXPAOAMS_tR3cF625qooigrn3egBr9IWRk6dJYlf09ieWrgccWj5-w0n9rHwnbk0ctX1wc2CgbQcC3P7xUeKjzIosThmvuFvuglVgQiFTFiXZ_Ef8twQeRIFYjkrAmfLcKXcxdbZ2K6QtLuEzHri1QkBuv2rLaCsDIGWpz4wUyx5Mc81ZLvIapGid1U5ammy0tpXQgnaabsKBGqPXM3DaK0VAVTTBVcS2tj8jVU5Qr76Z5jSM5wUQtIhXfqYwtnq2pZjb8j4_CX9leJD3X3Ypoi4vqtt3kIKCTQ9rNQO6pRudscJ4VJ2FTrX4KV9bXBdP5LBbDAsQ_hND3bnFm4xppvX98Xm3ZqliPEQyNw5DffxaJQJbFkzL30gatz8H50sUC7ZDymrHaSBylLeeZrkDMveFs-I628_hNY8qyHng_FX8Gx-sXnWzZOtm5c08RqsfzQ86fSbiKA_reqpAh9lcwIVIgoRp-cuEtc5UJ4mDwt31H4cbD7ATSwkQSvY2BysaQItQ2mICL27u-_OL5iF-ts4sWoW0qSqEb_FXz4SxNdg8MijnwjPdHHSK1yXhvY-ZUaprbneILvIs1NAe-o2f1A21AekkE32qovw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 67C5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401100101&jk=3061029612229805&bg=!lZalltnNAAa8BdJLnAU7ADQBe5WfOC80C7tkPbQuYncNAyme4BAVMQhT5swfbeqTYCHfexbd9nxI1N6k4FYPu4zfnzkBAgAAAGRSAAAAAWgBB5kCvu8k1M0HmQjlUIAaOAw0T_2mKKUpf6oHvZ2ge5ekXLC0cbHWpcMSziL1I3cR9vR63CQm4HLCaTtxsbFMmNCL_xaKLVJsdnbooA70sI6cJp9F1iRHDNBqxiHuBAUKZ9igrhuwvXWTSUgJPTPGxrLe1tq8AJ73H19AyuDmkVL5fIwDyAAjkMfJuVwRLCDPrXMk4JW0CW_6Q68eInQUUwpRdJvW5dY2LT4nPJzt1KDzpZk55w0-gkkyPqkOI312taZKbimd17eAHC_-GJ9K0AevTHDieRfv-17NasFg6UynDLcKx2JVd8SPIAm2vEZ71THSHZ8YZDAz8KOTG_QwHpAihJ4nAcdqIhuy8w-5fkOGNBkebZa7NGTOz7HG1TO6DQ_ncxw2_oXBtDYn0tg1fcFhAfCpbdd8Kdnx0PxId53PFXhA39KE2utDD18KD5ULkt112yCH0G0mQnxluRxFAxtetWZ3QNeduTi0z2wBtuxuu9Jlf8SnN4e16cCq8jhrpzadgr6vBR5zwSHqIK0XfpJR7uzZhgPBpXeQmEuzrtdhbMlPvRQWhKeZmkruUWKYbpfF_ZOmTlRmC70YhykZGd563n-mAa3Bg23WefTpTfwa_NyBjgRWZPJfuPyM11wiCuEVr-Wasd4M2GELBTtDvziaj11B0i4Br0sw-CI0VDceTemjC0q3JPC3Zr1xRlmXvT7z7td_33ucLUOScxCoBCAJ9lmQ1V2Hjc7vjMPbbZa7l47ZCxDKOgvu7Qko65HBV1-Vxp9dv_dJG6IKPrNi02CP6FyAiA3ZJfTn0AQCXNVmvsltSJi8clxjDkDSPyBbWVzYiUO_JO6PrEHVBlwFDAbolvADy2w59zmNQ9osBcEp4GSR3cj0I2xs8ZdyfcfXVvdPKmjyKaTJbpZ-sujlv37se3LHXdaBExMfVajk7Dxncw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

batch
api.adnz.co/api/ws-events-sink/
0
0
Fetch
General
Full URL
https://api.adnz.co/api/ws-events-sink/batch?visitorId=-9058284324266390090&hash=&uid=&events=W3sidHlwZSI6IkJJRF9XSU5ORVIiLCJldmVudElkIjo0Njg0MjY4MDA5NTEyOTU1LCJwYWdlSW1wcmVzc2lvbklkIjozNjg2NDI3NTk2NDU1NTEzLCJ1cmwiOiJodHRwczovL2doaS5jaC8iLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTAzIiwiY3JlYXRlZCI6MTcwNTUwMTk2MjIxNCwic2l6ZU1hcHBpbmdJZCI6IiIsInNpemUiOiIiLCJyZXF1ZXN0SWQiOiI1OTY5NDQxMjk0NjU2MTk1IiwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiYmlkZGVyU2NvcmVzIjp7IkFQUE5FWFVTIjpudWxsLCJURUFEUyI6bnVsbCwiSVgiOm51bGwsIkFNQVpPTiI6bnVsbCwiQkMiOm51bGwsIkJUQSI6bnVsbCwiQ09ERSI6bnVsbCwiWEFORFJfQkFOTkVSIjpudWxsLCJHT09HTEUiOjB9fX0seyJ0eXBlIjoiSEVBREVSX0FEX0lNUFJFU1NJT04iLCJldmVudElkIjo4NjM1Nzc0MjA5MTkwMDMsInBhZ2VJbXByZXNzaW9uSWQiOjM2ODY0Mjc1OTY0NTU1MTMsInVybCI6Imh0dHBzOi8vZ2hpLmNoLyIsImJvZHkiOnsiYWRUYWdJZCI6MTAzLCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsImlzRGVsaXZlcmVkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjE4NTAifX0seyJ0eXBlIjoiQklEX1dJTk5FUiIsImV2ZW50SWQiOjUxMzEwMDQzODE5MDA0ODMsInBhZ2VJbXByZXNzaW9uSWQiOjM2ODY0Mjc1OTY0NTU1MTMsInVybCI6Imh0dHBzOi8vZ2hpLmNoLyIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxMDMiLCJjcmVhdGVkIjoxNzA1NTAxOTYyMzc4LCJzaXplTWFwcGluZ0lkIjoiIiwic2l6ZSI6IiIsInJlcXVlc3RJZCI6IjU5Njk0NDEyOTQ2NTYxOTUiLCJkaXZJZCI6ImFkbnpfaGFsZnBhZ2VfMSIsImJpZGRlclNjb3JlcyI6eyJBUFBORVhVUyI6bnVsbCwiVEVBRFMiOm51bGwsIklYIjpudWxsLCJBTUFaT04iOm51bGwsIkJDIjpudWxsLCJCVEEiOm51bGwsIkNPREUiOm51bGwsIlhBTkRSX0JBTk5FUiI6bnVsbCwiR09PR0xFIjowfX19LHsidHlwZSI6IkhFQURFUl9BRF9JTVBSRVNTSU9OIiwiZXZlbnRJZCI6NzI3OTI4MjYxODUyOTk2NywicGFnZUltcHJlc3Npb25JZCI6MzY4NjQyNzU5NjQ1NTUxMywidXJsIjoiaHR0cHM6Ly9naGkuY2gvIiwiYm9keSI6eyJhZFRhZ0lkIjoxMDMsImRpdklkIjoiYWRuel9oYWxmcGFnZV8xIiwiaXNSZWxvYWQiOmZhbHNlLCJpc0RlbGl2ZXJlZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIxODU3In19XQ%3D%3D
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ghi.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:32:42 GMT
ratelimit-reset
1
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fziBfFdSb5rEUTSeC6H71ah2V7YaWPoItccfvfz5KobaumznNUtE5FQefKd%2FwYNxAUXMwsHSUgsMwgiBSF6QQrls7vTIVfHqEMaio72kW1fOcY85INQIVVNTUE4PsUuSuu56VyAYQQDV"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://ghi.ch
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
ratelimit-limit
100
cf-ray
846f4f242d053a5c-FRA
ratelimit-remaining
99
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| Drupal undefined| $ function| jQuery object| jQuery112405903345848045576 object| Lightbox string| GoogleAnalyticsObject function| ga object| html5 object| Modernizr function| yepnope object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| Typekit object| audienzz object| apntag number| audienzzCheck object| __adnz__ object| dataLayer object| AdButler string| abkw number| plc203604 number| plc198743 string| eu_cookie_compliance_cookie_name object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __buffer number| rnd object| google_tag_manager function| fbq function| _fbq object| criteo_syncframe_state

27 Cookies

Domain/Path Name / Value
.api.adnz.co/ Name: adnzVisitorId
Value: -9058284324266390090
.ghi.ch/ Name: _ga
Value: GA1.2.35198788.1705501961
.ghi.ch/ Name: _gid
Value: GA1.2.220783793.1705501961
.ghi.ch/ Name: _gat
Value: 1
.ghi.ch/ Name: _dc_gtm_UA-30411546-1
Value: 1
.ghi.ch/ Name: _ga_NV82SG5FE7
Value: GS1.2.1705501961.1.1.1705501961.0.0.0
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.ghi.ch/ Name: _fbp
Value: fb.1.1705501961659.385344617
.adnxs.com/ Name: XANDR_PANID
Value: yqFOVo5kJYZUsQpoMv_2TFX93519AdVIcTp1sNYm9mvRw_1WMp9-kid0CB0wqKbAYSMX7pkqOYrFaDs237MND4bGvW8xmlXCMI-w6ZIf_rg.
.adnxs.com/ Name: uuid2
Value: 7693757998510701140
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 5109ac74-0837-49c2-b5d7-953e8a516f4c
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: d789e2742fcccfe6a359ee1c0bea4e21
.ghi.ch/ Name: _cc_id
Value: d789e2742fcccfe6a359ee1c0bea4e21
.ghi.ch/ Name: panoramaId_expiry
Value: 1705588362038
.ghi.ch/ Name: cto_bundle
Value: CfeJKF81QVVNeGp3OGdnNDhCJTJGQWpPeVhFMU5KTTZjMWp1Yk1ITVM4M3BoMDRFWXdISVNjSiUyQlZpTHVEOWJiSk12ZTR2RHY2ayUyQjNjZ3hDV29IbGklMkJVYzlQelBsZjhHRUNzMlVPWW5lJTJCZmE2JTJCSWRjS2ZHRmZoTldmTHJZdDQwWHAyWXlBRCUyRnRlZ3V6Z2xucjhhdGNKMFI2YUtpZyUzRCUzRA
.openx.net/ Name: i
Value: f4f457e2-b2ca-4e04-9c1e-e556342d25f0|1705501962
.doubleclick.net/ Name: IDE
Value: AHWqTUk2_WH9AzumY2oWpWW_fWuLugv3FDUGJ5xYNkmfOLhpGpb1njHRSJXEaA55tdU
.openx.net/ Name: pd
Value: v2|1705501962|n0vNvQiygu
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ghi.ch/ Name: __gads
Value: ID=dca2c80c17ea4e60:T=1705501961:RT=1705501961:S=ALNI_MYq8tEXFr9whpI-TMU3Wax2s9subQ
.ghi.ch/ Name: __gpi
Value: UID=00000d436c536232:T=1705501961:RT=1705501961:S=ALNI_MYa8auT4DXPaUdsUudpVAV5kGLbLg
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 5509776753783892683
.amazon-adsystem.com/ Name: ad-id
Value: A8lGZXxKSEuCldTzLT5hbI0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

1 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/247506272403373?v=2.9.140&r=stable&domain=ghi.ch(Line 137)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1687ca191c1e83f1cf89e47f5922b8ed.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adnz.co
api.adnz.co
as-sec.casalemedia.com
assurance.sysnetgs.com
bcp.crwdcntrl.net
c1.adform.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.g.doubleclick.net
connect.facebook.net
eu-u.openx.net
f67b524e3b8b8f1cf1d31904365a46d8.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
ghi.ch
google-bidout-d.openx.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.typekit.net
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
servedbyadbutler.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tpc.googlesyndication.com
us-u.openx.net
use.typekit.net
www.facebook.com
www.ghi.ch
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
108.138.36.28
151.101.129.108
162.19.138.117
162.55.246.61
172.217.16.194
172.64.151.101
185.89.210.122
2001:4860:4802:32::36
2600:9000:225b:d200:a:e047:753:a221
2606:4700:10::6816:3556
2606:4700:20::681a:205
2606:4700::6810:5514
2a00:1450:4001:808::200e
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:813::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9a
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.33.220.150
34.102.146.192
34.120.135.53
34.249.120.35
34.96.70.87
35.244.159.8
37.157.6.243
54.170.29.7
67.220.228.201
91.121.209.86
008a3711eeda51d66302ca371f26573e66f037c7c5f58d8f3fd27a46911db7c0
010395b1e56a21a5f227cc0a914b959bfe8734420455c6662761abf32fb0b9d9
0560d47885fd902e61b6170349241e3f08c11b5104c89cc96c87942cbdd2d189
0820581b362388f72193dea4f4a010e90923a5279d6ef1627548ddcfde45443d
09023baefad81ce5066da12f63dbfd860f1321097977c6994d7862905f18da76
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847
0fbf945eae1c5869be401c6db68da93f5a47f2c1ff6072151ebb4b2dea6d4f62
10844b78f37ef29cbb742e47ba1a9cd1ac01eaa5c68602037ddcd47a983c9913
123385cbae9135ded86a04c620ccf1ee6cd34e70ff5221f78adc5389fbb730d3
1264958931eab9426e615b400fb244dd18f1b2d5613af5a88597a43aa98e0236
1455d53f963919370020975715ff94068b6abe869d0d6ed825a48b44eb5f05af
147830554777700472148284491a749daf6dc58e16b83791c928725f02791512
1678656eeb28b4de4c6fe8871c02409cd217b80866423db5ad0e62fcd476f726
19f017b060eef42c6c184a49c2293ba61282cf67189da8025a13dd7dd680e588
1d216f09e417aefb029c3448e2b9534289aed1c637e0a1208de4f5608bfa4cf8
1df72222c39d3d440a8e9b9ed8353eb114e2f9a554ff90a17ed894aa2340166a
204039322ad1e7ef2ae0112df71630a35a79dfcd7a669eb7894c29560efcff99
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
24858349e8fad7c0a3dedc96c4457f934fa85a9617f1457a4526d00c0aaa461a
24b442ded566ca7a7bab409b74539c76202ea3f3b6275e32c5194000f3343295
25a5f2ed328af40ad2963bfbaccc0d8a4a75edd3f3d0b810c8d913840c959166
25daaeb302754f2256eeead18f42f193b4f0c5c528df1dc15343455623d679cc
2669dfffb1406c4a03b86b865b38627429f48838a07b820d072bfd5392b5b1aa
291a4f32aa469e8104b35c8c647d657818aeff7a9a8a87415424fefd4a41a572
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31dde44c65a4b0b0b28e3d51615c8fb9ce1a629bc297c639f77e879f3d4c06d2
339f934d19697dada0e0fbc9c0fcbec7d4b25aee42520fa15cb27334e8cc617b
33e2a62c99a431e9f60260cf7105756785b5b06083c06d233a5d2598317511ec
394baa0408a9242689e213c42dedf42bb30bb5fb1c63a709ddecfa61681bc1a2
3b5fd7fd21093ef27c4f6402dcd42fa0046069e024d62187b2d7f4c148ee3640
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3dd103ba888c627706f31656287652d5fceb9ef7a7099eec5a07aac2f7d397dd
3ede8ea704ddea37072d1223ac4f9e48f2d633158391cc98acf4c8ad70d238dd
41813ef6b1d68e34e85bf34894b729a360e48631ab464ba208a539ba2adab8a7
4569fbfef2a73b2369d1e070a2ce3511f5a8c6a22a7cd6d61baf4982e75a21ee
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
483c106ad74ceaa5508a38aef2f871ea75f137551a92aa902b0e930c44dc56c6
4d9e0a73981a1024a63cd93dd2fa0800cb3ff4bcad46f17aedb430835798e0c5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e118ec6f7aa2d7b7971712964ce6b2b0c3ad3e0a7dd747619d2ec9b137df60c
4e53e28f009925ddfa7fe40285ac597802ddd5269c52426caf7c0be408607828
50f8d8e45f6742713a156c9fcf1b20d7c8c2dbddc7c649b76ee377775c6c4b83
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57adb0d65f4e91dacfee975d9574422bee7486c8a182d60133728c672f2cdbbc
5df36b21fcd0ac346947fc6cbd8a13078c975938a9d2014c5216f10e7a42f966
5f689a26dae9b3d64d05a61dafe9a94f7e05e9a949dfe2330b879d532b441843
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330835276e72d5add75c5d9a3aa2b16001db3ed131b6467e6cd78f494b09014
63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3
649c7cc2d02c35a7cf6856504fc8482df64752c8462fd5663d87209da4e7de72
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d1d957885117bb5f06fe109fe7f53bb133d7dd1da11f269abee93454851fa65
71c2cf828ac0f08e469cfb0487d2aafb074344751d5c68e9a13a6c9633fc2497
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
76b06e3c8015d09aee8de519b899b9d9f8ccd5c1e033d4a2869acdf9837c7bca
76d342e20f16102f7367c4ce450586db941f46aa592039665114cf7ff126462b
76ec38221487ff694180849e0b3fe2e65dec5d505fd3dece327124be02623721
7755726252eeabb5e175c002b0c2eef6c1af95bc17bf9952b5baf4f6633c1918
7a8226577f50ef4007d27f0b540ea28845a0b21e3c61f58fc057431103cb1e7b
7aca017f0fc1edfa7bb3b80ce0c18522ac34167ab2ce9da8639b34c069e7aaa4
7d20fc162ac2fb33a5f91325893b45f260c3ac588d3fb5ccf42a949c5f320edd
7dc73cf9dd33526a930e48d8793434a0464cb8da75062a0cb18265de22c16788
7e5374ec3878dcb2532712e65a9e83ddabca96035cbc2da83c64afae8dbfaf29
7fe452629c0bd53f2b1b10e488f6e1b7ab5a8cc72f2bc5416d1d1870b70d0bdf
8084d84c1e675edb5f7bc65fbe327170d9eecc3613c2d050b4393d28997c96d8
81577bd0ea832fcfe07f820a80787c0bc00711882be51676b68f375c2c283478
8322042658bf77ec432d225602ae1535f86dcad13dd4473fdb1ce7484fa2f0e1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858034d1c95bb628e8e6809cef9a01bc43e89a09698ed1da4de064ef1367c4d3
8730aafbdb6d03c6d4a37f76ebf8d504d5706fbae56686399a4b198981a0b6be
873403a00e2e19143bdaf4fb4f272000a57a65b4d4c25a136f0cebf3ee7249fa
886f7397f40821af498a54b547073fe1eb57dbf5659b78732334562b007c3a17
8b7f6ad512c2977e234b777fb135b2e6b17825b365ee18f4d563330c06262151
8cad71c04fb9bf2a6cc8ee8def3302786cd78704612a3cf00e80e5709140c2f3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ddd16e82813d3b21156531806bf2621098f1315544b9dd93386b42fea3b6633
8ffd7f6ac0c0a9afa102e21414bf9cc17304e56358baacf8a77ce4d958c57255
90bacba0e518c2f9319451870f058b13368cf0c87735c68b49fd7008c557115e
91a5d0442ecfd90d4bc9fe541bf0813995829d4d4f59163c1470ff2ee1d32f15
92bcdb21375035a7d41e2f6cee63e006a7812e081dd3b0fb57e08bcd34fc3701
94ffef8ef634363cd7fcf1a09d52894aa1d8ff231491878f21f2aa0b64da5018
95fb56da472c18805abd51638b088a8c663107d0a4faffb4dde1552ab8782bd3
9aaa5284f6d60be96a81a6e61e02c66950a82c5f9536cd0bb40d13ce2913adb9
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c588d2b62e71b035058e2ddafd36dcb449a36b95b00f9879e6919d96efc35d7
9db9ff5cf7743937b33d2929fbceccfe44e696bef7c79255c7c15faaf76d17ff
9e4915c654721b754d41a97e4bee4d4a6f8d48500d5315d02d1fcd38636fb5b9
a15da7811c03c5464103d49b68dfacf6f2ea98238b8ca1678920dfb285ad721c
a330a0196da3072001cf3494d57e3ae7bd7ed26db7214a24e9f7488d2e7e9d54
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
aa313a04a170be24ceb3077a769316a83a39ce6eb38f582a7cf81e0836b7b3b7
ab861dc170dc2e43224e45278d3d31a675b9ebc34c9b0f48c066ca1eeaed8ee6
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b5e4bc2762d8432240f7e1d798f9cb4820968b53c1f01c9304b831af3966107a
b6275c3267b31a50d18b9330d892a2ed0a7a3787fdcb539316ad3ea6e7b54274
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
bcf359c56991fc7e5065d4d16544798f3b7a039aced1a793bd89a4e2a1fb8c6c
bef889375eb885630d63d03237eafe7e740d61cf6f5dd2714585fa3e1c1b889e
bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b
c0e36784dc21a29c3964c9241c2bc7f435038deee5a803342f29d3a0ba2ceb22
c1247c6c6e2fa2a3b02f04886deac34f46ccef66483b1c64c1347e6b95e158b9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31d2698b5c3a99e3004ec0150694f66b3d53678196460470cf9847392c24279
c5a330a10fc5f3d8c3414b95cdc903691093b627952d11feaeef6107a5b81e97
c6284bf2c769b4c6045f6dca96981b144012f1203cb56f15652212bc101f7c8d
cabf5609dd3ca129d4a52f774801221dd9715298f4d99d36959ce24dc3c716ad
cb65ce4427f4f564807d7a0deae2621fae5ecc031e72046f0bb31a75ce29f0c4
cd2d6372ee984b80d8b07ae17afb6f4dbcbb62425a5bb2fd25d9c65fbb8efed7
d053cdf2a5204cdbd01e8dc6309081a8fad935e118b93eb01c23e6c3d7bf48c0
d090d082958a429452d9aa27258bb25691fcdbad4a11ef3e1995852b2f1308d7
d0bbad771a8a5ac5f9446791109693aeca1d676d44ced48f8514857f7d3e6fd0
d12c8b8ef52270ad607c04d22bd3a907758a84b96345bfc61100f2f55ae396d8
d425c863b8715ebc6509486a887e085e2d5d28cdc1350bcf1bc51d99ae38018d
d47944bd82b9ef3c1d379f8ee4665b5813ecb2ed1eebe30491bf25325fdf88ee
d6c51134255beeda214a87ac5462e52255d671d03dffd1f6c4797180f6942272
dd324e8f6a01e7545f39f4764512b057acedc45bd971cdc65c907cc263d6be6d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0b5c570844a825315864dd9857f58f196fa8a9226d3d1170f9d167c1333cc46
e129ae7a34cd327c4265faa399d909e4e35f3edad3b15b75691c857f4f28b05a
e322b56db69d01b0995c0410050c79f60f752f079ef9d0c5949a96c4e4f7f2e9
e3ad317a103b4271c6d00cb97957c0d8e0f5bfd6cdc74976d022dd526963ecdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a8e025663bcd1a0d949efbb4c5a8823006505d8b50f7f2328910ce0af7fda6
e81cd2d7afd5b7203070e0ebbf44409d9a15ae6836c1978342393c4f40976f41
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
f199829a254e912e6053d741adaab4e79c70b48f09f7952eea12c19605b09e73
f1c84bd06ad47d5424d25d0b93890d42714432521b6e8e2c39c1925122ac1548
f5e4f5c4a112e0be7e187474a0d703470f957450247b6a61967fbf94827f37a5
f88e9b11e970546697e02269ed3875ff790094cbc3e82b083fd198b120e04015
fd1c89d715c21869f4779450edb4f981900ca3911a2ff1f648aa4b904b998d92
fd79df406cece3abeb2479955bbd5dfb35425402920236313c19eeb715710d39
fe5a5b7dd74e4aab3780885d9ba4ea7ef2d6c4fd2d0745714a317c3594ba1000
fee802222dd84927c4e5a92a9bf5d91e3103da06ad11dab45a4d6e0f9a5a2f69
ff4ad943a6680fb59c04013fd85d14fb637d6bef3d879d523e63d145f2a2f3e0
ff7750952a601dbf03688b01a2eced6e5671a8335393eb063201bb732f12c99a
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876