www.swissadserver.ch Open in urlscan Pro
185.46.59.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://swissadserver.ch/
Effective URL:
https://www.swissadserver.ch/
Submission: On September 27 via api (September 27th 2023, 10:40:25 am UTC) from CH — Scanned from CH

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 48 HTTP transactions. The main IP is 185.46.59.235, located in Switzerland and belongs to ASN-METANET Routingpeering issues: noc@metanet.ch, CH. The main domain is www.swissadserver.ch. The Cisco Umbrella rank of the primary domain is 402689.
TLS certificate: Issued by R3 on August 4th 2023. Valid for: 3 months.

This is the only time www.swissadserver.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	185.46.59.235 185.46.59.235	21069 (ASN-METAN...) (ASN-METANET Routingpeering issues: noc@metanet.ch)
15	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:e800:e:5a66:ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
48	9

4 185.46.59.235 (Switzerland) 1 redirects

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: mc22u0212.dnh.net

swissadserver.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.swissadserver.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:e800:e:5a66:ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

files.publishing.tamedia.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0be138296f514d669d519301dfd5094c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 0be138296f514d669d519301dfd5094c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169	288 KB
15	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	225 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	229 KB
4	swissadserver.ch 1 redirects swissadserver.ch — Cisco Umbrella Rank: 402422 www.swissadserver.ch — Cisco Umbrella Rank: 402689	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 11	1 KB
1	tamedia.ch files.publishing.tamedia.ch — Cisco Umbrella Rank: 358801	1 KB
0	adsafeprotected.com Failed pixel.adsafeprotected.com Failed
48	7

	Domain	Requested by
15	securepubads.g.doubleclick.net	www.swissadserver.ch securepubads.g.doubleclick.net www.googletagservices.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.googletagservices.com	securepubads.g.doubleclick.net
3	www.swissadserver.ch	www.swissadserver.ch
1	www.google.com	tpc.googlesyndication.com
1	0be138296f514d669d519301dfd5094c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	files.publishing.tamedia.ch	www.swissadserver.ch
1	swissadserver.ch	1 redirects
0	pixel.adsafeprotected.com Failed	www.swissadserver.ch
48	10

This site contains no links.

Subject Issuer	Validity	Valid
swissadserver.ch R3	`2023-08-04` - `2023-11-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
publishing.tamedia.ch Amazon RSA 2048 M02	`2023-04-23` - `2024-05-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.swissadserver.ch/
Frame ID: CFB8164F40EB3EC58A72393724EDC19F
Requests: 14 HTTP requests in this frame

Frame: https://0be138296f514d669d519301dfd5094c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F41A3E33A702C7E76680A403DF3823F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_iuyR_YulVJBHFO4jSypV36kgYBfU6qrd89wHg5qMYPnvd2ZIhGOijHk8sSVG9dXEEwPBNzCPNxtsipA7XB7vlOcJ4MGgfkbw1IifKIWsjquKHBJsLA-DuuU05Hs7eWzO_Z4kk5ZHhHVkN3TweAn9sxR8FGLbOxqjK2bM3aqyECouIAwaYRYAbuaZBOUMAaiwKzJWI2L3zkqIrrJG_pEm8gJdEhLhkReaPVzQF9T6mOo1B7QFLcNBRuOfUzTwrujGZ_2jl5xgR__flEJr5pUPQfMlldNyYD8V3ow3mXvZLVsapvyCNg-FsnGViyUfrAzelQSw_dajgRvExa7FqLbmbaKRLBcjIM83aLTBAw&sai=AMfl-YSa5BOILVpJH1Nn9uyMGaZXHwg1gFpPeqEzzW79brESfstx0c7IchuYg0sqeajj2yFUvbG03ISCgBija7aaUuhsnV1LSHXuNRzOmlOG6oK5_8KHRNvzEu_BdbWByHtjfjG6qoAi6Lw-LbiYRUyt&sig=Cg0ArKJSzMLP2kxM3Hq5EAE&uach_m=[UACH]&adurl=
Frame ID: 3C59FCCC33D4E3C642697B4B2BFE9A01
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGjqc0LVpr_isekSOk49tLUrECBa64TsE06DBhXn_i7PaPKo122pT_iE06winmdzVMyJzUpAQePZO4GlnSummfsGS1F7_fS6hA7EOxmkuewhPuxm1Noy-35lhTtmEmUVZkIDqXzDUpX4yAopDtYgHsoJIf9ndic40q7_dk1SjTcaRHlQa13OgwNDuXravCS4MnIc3y-szzKr6EPqvFy2hE5548_z7bIOi4UvKslCG5HVwtTiKpDEnI_-Mks5_4aIS_29tzb1oedqWpYPMzAWQ4prOCylruUQjWppgppL0oAxR_ulGnE6CtvZCbAIlkKHePs2whH-kJUtEQZZJzRfu_g1omds4nQbD00t_ESw&sai=AMfl-YSb3hWFSI_jC0NzJK7Q1vJbSdINUbTOXAJqbTgyxH9pBIYxkKbs2CjXxS8vCBRReCdc5yGKz2d8isZAcuA8UCj3BQ6LPMEnEwWCfRGC3-gR6TT-1BkUdBUjZGnBNYmbeJi_Zc_93EjWrBiBxSZG&sig=Cg0ArKJSzNa2v1U1tlxREAE&uach_m=[UACH]&adurl=
Frame ID: D2A6F9E6F1E4514C720B683C515F4DA2
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUaVNECq47y6EFMkfgirhX76_T55pVDDTdpgsAGIsOHRltLn6RMVREZu9AeOAAjUrXVmHmFRgjEyNJGHZ7udVxW2ihyWhUcodVC8veobZD622HMAgAkrTKRO3HF_aIVVMc6q12KXCvDuW530PxBZR5LN328nUxau47tvQwgRwirVcNMMYFlfEtgplPySqjl0U-N-YBKQIJgv8dBccIvAMeo_XUh-J2fUqb0drB630ygO3t8VaE16T3Xl0RjHnexiJIKU6FtPciImd1hv9aBM5XnZ2YzboG6NPYMj6eQ4IT5LMeujVN7sVNayJJ5F07cwakHGqlO7CNbe7lQ1DJzLgonj5t2ZziJJlTJD7nXg&sai=AMfl-YRlvBiFOUU_8U4fBmHBl999qH3N1qeMbrAcm7jOxpkF-3p7fnSq_subp3nl3K5JwDqo4f7N3Ywojs7a74_znbRts9u-Uc4xh_EiIvMJLKqPxhYtW82nTM5LvoFEB9PwwMGIL2tvJBzeV_llXA0&sig=Cg0ArKJSzNZZJPbp60d-EAE&uach_m=[UACH]&adurl=
Frame ID: 8924FF890E6DE315465FDF532D1D6D01
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspPuy0a2evHeAsgvuK2GuclD6IA9ypPJJMHzgcAAYsLhf08iNy5isXMxL92hL9JMc9AigDFpcCfwR2N4rzMCTyaNrfmp7-MqqvS93dpRLDvPI_eA9o44ywAhOnDnuRLmXZQFpwQHzA0kZg2HUlTwRRc8UiytvzxzQhalyKeNaBRmWAkCB3DWLqniTdXKpkdB5GjxXK0qDqv-Wt0IIbWWpOh4FfaxcDXn4lqbr9WgDcIZMVc-iDuyKGZ2SYDQuIjkWZMAmpZt_TJbi6_w2-ma2RqDwOH4xToZOVB3coYItUocKXbjAcNLZaI_TJAfuInC06-81Q4tpq6Kt9whXyzFngNh5fOGjwFNdx1cz6tA&sai=AMfl-YTu6eCiLJSJ2a2Jop4j4l-ni3iN_c_SQ31S-vE8zcd1YZ1i5ZfcHItpQvjiEEv7u8S-42ysEKCbGYIL0YNIAFhacsU4TNBOCYgEey3aVUlmci6-ikaISGv9oGD3826bfFJObIJ3s1fMK3C61J34&sig=Cg0ArKJSzFhqnlG2YZtlEAE&uach_m=[UACH]&adurl=
Frame ID: 4BAE62AD5289738D0AD112E9FD157524
Requests: 7 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930546&campId=294x250&pubId=5232675802&chanId=22841513681&placementId=6162740628&pubCreative=138413924432&pubOrder=3113356528&cb=1199254632&adsafe_par&impId=
Frame ID: 4B2FFBE54CD76D6586633252BF60BE20
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 79B5AA6DB693FE9FF10237C99C4DB8C1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C06653F45B58F877EB9DAAD7C2C67ED9
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930546&campId=294x250&pubId=5232675802&chanId=22843542539&placementId=6177682547&pubCreative=138416550673&pubOrder=3121627673&cb=580663893&adsafe_par&impId=
Frame ID: 3029F5C9D7F37C2D81DEAFF7611230EF
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930546&campId=294x250&pubId=5232675802&chanId=22843243390&placementId=6162524040&pubCreative=138413982666&pubOrder=3113356528&cb=284574072&adsafe_par&impId=
Frame ID: 9433ADA5BA1ED117E065A22929B13339
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930546&campId=294x250&pubId=5232675802&chanId=22843530983&placementId=6167291467&pubCreative=138414202847&pubOrder=3117053208&cb=448247584&adsafe_par&impId=
Frame ID: F927AE9A9FD87C236FA8B0896D1EE1D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://swissadserver.ch/ HTTP 301
https://www.swissadserver.ch/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

48
Requests

92 %
HTTPS

88 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

747 kB
Transfer

1766 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://swissadserver.ch/ HTTP 301
https://www.swissadserver.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.swissadserver.ch/
Redirect Chain

https://swissadserver.ch/
https://www.swissadserver.ch/

10 KB
3 KB

76ms
24ms

Document
text/html

185.46.59.235
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissadserver.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.46.59.235 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: mc22u0212.dnh.net
Software: nginx /
Resource Hash: f1db2f8b6c3803dadb4c562031b0bccd11b48e9dcf64f1ac7fa99b56111435b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 27 Sep 2023 10:40:20 GMT
etag: W/"63d76121-2938"
last-modified: Mon, 30 Jan 2023 06:18:09 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Wed, 27 Sep 2023 10:40:20 GMT
location: https://www.swissadserver.ch/
server: nginx

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 106 KB
29 KB 246ms
168ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.swissadserver.ch
URL: https://www.swissadserver.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bcbf642872664a570a6067ce6a5bffe4f99c26138d886b03a5f10ecf344a103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29332
x-xss-protection: 0
server: cafe
etag: 305 / 19627 / m202309210101 / config-hash: 3771063390485969137
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:40:20 GMT

GET
H2 200 dnd_iframe_autofit_child.js Show response
files.publishing.tamedia.ch/_static/ 2 KB
1 KB 146ms
34ms Script
application/javascript 2600:9000:223c:e800:e:5a66:ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.publishing.tamedia.ch/_static/dnd_iframe_autofit_child.js
Requested by: Host: www.swissadserver.ch
URL: https://www.swissadserver.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:e800:e:5a66:ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: d8cf9c099210d35a81ecaa76fa79748cf99d5435a3e8d469dc964cea4faac124

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:21:41 GMT
content-encoding: gzip
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
last-modified: Tue, 26 Sep 2023 07:13:55 GMT
x-amz-cf-pop: FRA56-P2
age: 4719
x-powered-by: Express
etag: W/"733-18ad0565b38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=10800
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5bFJQwvbnl2sNH6GyFFw5qdlt4ME6z1d3uxwcjlfVr7ycy3zkl2_zw==

GET
H2 404 BatonTurboWeb-Medium.34b36a55.woff2
www.swissadserver.ch/ 0
0 25ms
25ms Font
text/html 185.46.59.235
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissadserver.ch/BatonTurboWeb-Medium.34b36a55.woff2
Requested by: Host: www.swissadserver.ch
URL: https://www.swissadserver.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.46.59.235 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: mc22u0212.dnh.net
Software: nginx /
Resource Hash

Request headers

Referer: https://www.google.com/
Origin: https://www.swissadserver.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
last-modified: Tue, 06 Dec 2022 20:32:16 GMT
server: nginx
accept-ranges: bytes
etag: "328-5ef2eb3219d11"
content-length: 808
content-type: text/html

GET
H2 404 BatonTurboWeb-Medium.10714ed3.woff
www.swissadserver.ch/ 0
0 24ms
24ms Font
text/html 185.46.59.235
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.swissadserver.ch/BatonTurboWeb-Medium.10714ed3.woff
Requested by: Host: www.swissadserver.ch
URL: https://www.swissadserver.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.46.59.235 , Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: mc22u0212.dnh.net
Software: nginx /
Resource Hash

Request headers

Referer: https://www.google.com/
Origin: https://www.swissadserver.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
last-modified: Tue, 06 Dec 2022 20:32:16 GMT
server: nginx
accept-ranges: bytes
etag: "328-5ef2eb3219d11"
content-length: 808
content-type: text/html

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 409 KB
129 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 07:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12617
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132106
x-xss-protection: 0
server: cafe
etag: 17184539905708832606
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 26 Sep 2024 07:10:03 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 42 B
65 B 127ms
65ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.swissadserver.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0de35029eda2bb34ece2b5b82ebc942bbfdb4dd6b6c6598a89d5d6c321436e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:20 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
17 KB 90ms
90ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23495494249868&correlator=3486263296218905&eid=31076479%2C31077232&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=46753895%2Cde-20minuten.ch%2Cpartner-ad-pos5&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=294x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695811220709&lmt=1675055889&adxs=206&adys=46&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.swissadserver.ch%2F&vis=1&psz=294x250&msz=294x250&fws=0&ohw=0&ga_vid=1701839027.1695811221&ga_sid=1695811221&ga_hid=748617414&ga_fc=false&dlt=1695811220172&idt=385&cust_params=partner%3DTop&adks=3463513121&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f751fddc13ff4ccdb45026ad21389931565198efee5935e84a9d3325537687a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17215
x-xss-protection: 0
google-lineitem-id: 6162740628
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413924432
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.swissadserver.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 148ms
80ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309210101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cf4b446acf445d89bcbd00a0121b9028a0175c0501fc43b1e603c7ddeacf465

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12060
x-xss-protection: 0

GET
H2 200 container.html Show response
0be138296f514d669d519301dfd5094c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F41 6 KB
3 KB 162ms
37ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0be138296f514d669d519301dfd5094c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.swissadserver.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:40:20 GMT
expires: Thu, 26 Sep 2024 10:40:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
17 KB 89ms
89ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23495494249868&correlator=3486263296218905&eid=31076479%2C31077232&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=46753895%2Cde-20minuten.ch%2Cpartner-ad-pos6&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=294x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695811220721&lmt=1675055889&adxs=504&adys=46&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.swissadserver.ch%2F&vis=1&psz=294x250&msz=294x250&fws=0&ohw=0&ga_vid=1701839027.1695811221&ga_sid=1695811221&ga_hid=748617414&ga_fc=false&dlt=1695811220172&idt=385&cust_params=partner%3DTop&adks=793892471&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5ee3310b2019826e8368a4ba0b56af6d7953a3a416cb1cf94e454300c6e2e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17078
x-xss-protection: 0
google-lineitem-id: 6177682547
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138416550673
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.swissadserver.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
17 KB 96ms
96ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23495494249868&correlator=3486263296218905&eid=31076479%2C31077232&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=46753895%2Cde-20minuten.ch%2Cpartner-ad-pos7&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=294x250&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695811220727&lmt=1675055889&adxs=802&adys=46&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.swissadserver.ch%2F&vis=1&psz=294x250&msz=294x250&fws=0&ohw=0&ga_vid=1701839027.1695811221&ga_sid=1695811221&ga_hid=748617414&ga_fc=false&dlt=1695811220172&idt=385&cust_params=partner%3DTop&adks=2674425955&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9265f36ca4a2e2e3d4a91253d00159fb92f3027009d3ec877e22e3ff955463f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17099
x-xss-protection: 0
google-lineitem-id: 6162524040
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413982666
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.swissadserver.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
17 KB 103ms
103ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=23495494249868&correlator=3486263296218905&eid=31076479%2C31077232&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fif&iu_parts=46753895%2Cde-20minuten.ch%2Cpartner-ad-pos8&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=294x250&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1695811220731&lmt=1675055889&adxs=1100&adys=46&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.swissadserver.ch%2F&vis=1&psz=294x250&msz=294x250&fws=0&ohw=0&ga_vid=1701839027.1695811221&ga_sid=1695811221&ga_hid=748617414&ga_fc=false&dlt=1695811220172&idt=385&cust_params=partner%3DTop&adks=2034361088&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4a0b262c74c7466a00144f49c346951b39e35ca464f6cdc3160f8c103810a3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17059
x-xss-protection: 0
google-lineitem-id: 6167291467
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138414202847
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.swissadserver.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C59 0
0 70ms
69ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_iuyR_YulVJBHFO4jSypV36kgYBfU6qrd89wHg5qMYPnvd2ZIhGOijHk8sSVG9dXEEwPBNzCPNxtsipA7XB7vlOcJ4MGgfkbw1IifKIWsjquKHBJsLA-DuuU05Hs7eWzO_Z4kk5ZHhHVkN3TweAn9sxR8FGLbOxqjK2bM3aqyECouIAwaYRYAbuaZBOUMAaiwKzJWI2L3zkqIrrJG_pEm8gJdEhLhkReaPVzQF9T6mOo1B7QFLcNBRuOfUzTwrujGZ_2jl5xgR__flEJr5pUPQfMlldNyYD8V3ow3mXvZLVsapvyCNg-FsnGViyUfrAzelQSw_dajgRvExa7FqLbmbaKRLBcjIM83aLTBAw&sai=AMfl-YSa5BOILVpJH1Nn9uyMGaZXHwg1gFpPeqEzzW79brESfstx0c7IchuYg0sqeajj2yFUvbG03ISCgBija7aaUuhsnV1LSHXuNRzOmlOG6oK5_8KHRNvzEu_BdbWByHtjfjG6qoAi6Lw-LbiYRUyt&sig=Cg0ArKJSzMLP2kxM3Hq5EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.swissadserver.ch
URL: https://www.swissadserver.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 3C59 3 KB
2 KB 99ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:16:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C59 182 KB
57 KB 142ms
75ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:40:20 GMT

GET
H2 200 9102126516091506158
tpc.googlesyndication.com/simgad/ Frame 3C59 57 KB
58 KB 274ms
207ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9102126516091506158

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b255fec3530462b92005c536eccaa958b6ed126823d6a0dae4daa52189ec47d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58872
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 14:23:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Sep 2024 10:40:21 GMT

GET
DATA 200
OK truncated
/ Frame 3C59 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88fede8c1dd00518cfea1edf245d424e44e964c6d3a83f65b6f77d2b7c2dc017

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D2A6 0
0 66ms
66ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGjqc0LVpr_isekSOk49tLUrECBa64TsE06DBhXn_i7PaPKo122pT_iE06winmdzVMyJzUpAQePZO4GlnSummfsGS1F7_fS6hA7EOxmkuewhPuxm1Noy-35lhTtmEmUVZkIDqXzDUpX4yAopDtYgHsoJIf9ndic40q7_dk1SjTcaRHlQa13OgwNDuXravCS4MnIc3y-szzKr6EPqvFy2hE5548_z7bIOi4UvKslCG5HVwtTiKpDEnI_-Mks5_4aIS_29tzb1oedqWpYPMzAWQ4prOCylruUQjWppgppL0oAxR_ulGnE6CtvZCbAIlkKHePs2whH-kJUtEQZZJzRfu_g1omds4nQbD00t_ESw&sai=AMfl-YSb3hWFSI_jC0NzJK7Q1vJbSdINUbTOXAJqbTgyxH9pBIYxkKbs2CjXxS8vCBRReCdc5yGKz2d8isZAcuA8UCj3BQ6LPMEnEwWCfRGC3-gR6TT-1BkUdBUjZGnBNYmbeJi_Zc_93EjWrBiBxSZG&sig=Cg0ArKJSzNa2v1U1tlxREAE&uach_m=[UACH]&adurl=

Requested by

Host: www.swissadserver.ch
URL: https://www.swissadserver.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame D2A6 3 KB
1 KB 85ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:16:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2A6 182 KB
57 KB 201ms
148ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:40:21 GMT

GET
H2 200 11290582864390218883
tpc.googlesyndication.com/simgad/ Frame D2A6 64 KB
64 KB 188ms
135ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11290582864390218883

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8354bdfdb2a18dedbc7ddad38214c0040df96d89863a789cfe680ff88863a554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65497
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 12:59:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Sep 2024 10:40:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8924 0
0 67ms
67ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUaVNECq47y6EFMkfgirhX76_T55pVDDTdpgsAGIsOHRltLn6RMVREZu9AeOAAjUrXVmHmFRgjEyNJGHZ7udVxW2ihyWhUcodVC8veobZD622HMAgAkrTKRO3HF_aIVVMc6q12KXCvDuW530PxBZR5LN328nUxau47tvQwgRwirVcNMMYFlfEtgplPySqjl0U-N-YBKQIJgv8dBccIvAMeo_XUh-J2fUqb0drB630ygO3t8VaE16T3Xl0RjHnexiJIKU6FtPciImd1hv9aBM5XnZ2YzboG6NPYMj6eQ4IT5LMeujVN7sVNayJJ5F07cwakHGqlO7CNbe7lQ1DJzLgonj5t2ZziJJlTJD7nXg&sai=AMfl-YRlvBiFOUU_8U4fBmHBl999qH3N1qeMbrAcm7jOxpkF-3p7fnSq_subp3nl3K5JwDqo4f7N3Ywojs7a74_znbRts9u-Uc4xh_EiIvMJLKqPxhYtW82nTM5LvoFEB9PwwMGIL2tvJBzeV_llXA0&sig=Cg0ArKJSzNZZJPbp60d-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.swissadserver.ch
URL: https://www.swissadserver.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 8924 3 KB
1 KB 75ms
32ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:16:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8924 182 KB
57 KB 186ms
143ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:40:21 GMT

GET
H2 200 14836456987434781709
tpc.googlesyndication.com/simgad/ Frame 8924 77 KB
77 KB 122ms
80ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14836456987434781709

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2454bf88ea3827dfa1f996ee0b0788b3eb5271b225ec4ff48d82336e55f0ec1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78823
x-xss-protection: 0
last-modified: Thu, 24 Nov 2022 09:36:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Sep 2024 10:40:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BAE 0
0 67ms
67ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspPuy0a2evHeAsgvuK2GuclD6IA9ypPJJMHzgcAAYsLhf08iNy5isXMxL92hL9JMc9AigDFpcCfwR2N4rzMCTyaNrfmp7-MqqvS93dpRLDvPI_eA9o44ywAhOnDnuRLmXZQFpwQHzA0kZg2HUlTwRRc8UiytvzxzQhalyKeNaBRmWAkCB3DWLqniTdXKpkdB5GjxXK0qDqv-Wt0IIbWWpOh4FfaxcDXn4lqbr9WgDcIZMVc-iDuyKGZ2SYDQuIjkWZMAmpZt_TJbi6_w2-ma2RqDwOH4xToZOVB3coYItUocKXbjAcNLZaI_TJAfuInC06-81Q4tpq6Kt9whXyzFngNh5fOGjwFNdx1cz6tA&sai=AMfl-YTu6eCiLJSJ2a2Jop4j4l-ni3iN_c_SQ31S-vE8zcd1YZ1i5ZfcHItpQvjiEEv7u8S-42ysEKCbGYIL0YNIAFhacsU4TNBOCYgEey3aVUlmci6-ikaISGv9oGD3826bfFJObIJ3s1fMK3C61J34&sig=Cg0ArKJSzFhqnlG2YZtlEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.swissadserver.ch
URL: https://www.swissadserver.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/ Frame 4BAE 3 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230925/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 09:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 Oct 2023 09:16:01 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BAE 182 KB
57 KB 217ms
184ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1695641553523962"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 10:40:21 GMT

GET
H2 200 2388509978313696413
tpc.googlesyndication.com/simgad/ Frame 4BAE 42 KB
42 KB 236ms
205ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2388509978313696413

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f98de31795901b326856dfcaaa67c4a541d6bb5a1e37c1d0a1b60b9743cad4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42653
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 15:02:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Sep 2024 10:40:21 GMT

GET
DATA 200
OK truncated
/ Frame D2A6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00da2348f3d58635e923448c268929fdb485686a85a4209964868ec3be5b49cf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8924 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6775aa194b16913626847c794815f64920d7528c7744569af109d433fe04d1e3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4BAE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a10d7274245c2f72b725f109a98a2e21335582be2a7127db612dc93023674cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 130ms
130ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 10:40:20 GMT

GET jload
pixel.adsafeprotected.com/ Frame 4B2F 0
0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 79B5 13 KB
5 KB 36ms
35ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.swissadserver.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
age: 5040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 09:16:21 GMT
expires: Thu, 26 Sep 2024 09:16:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C066 829 B
1 KB 109ms
42ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

51170c852799630d48c408bc118e0fe57226df2b7b021cc2d266bb516ebf0d61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sTo5ywU6VIPhy30edsoopg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.swissadserver.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sTo5ywU6VIPhy30edsoopg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Sep 2023 10:40:21 GMT
expires: Wed, 27 Sep 2023 10:40:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D2A6 0
0 67ms
67ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfS8SADXJ7aYt92SHi70iQDoF-R1J-Xy8tUnp-lLvsO555e6GGm8AOQRi_10zUpx4gwXiObWQbPlMXqm4UCEnqCmKsQJfD9-epIwzmA7_kEP8-4x9tz-qoEct7FpJd6b_caSNolfJ_MSiOuUb0ulBczG1Z8OCbVfa46DVGjOjIW-TZVgDeeio_2okFCkHgTadqevtrRoMQf4QN91mGzudc3Wb1odUC1GD4R4l7XLfnnZI2cGDUkeuuHjpj9MMBDN5sI-dJ4UY4FKscxk0DXx6H8Ja-hgCkC9JJrnBeVBSL0DJjigQK4EWf3p_KdGFiztsDEOXQbtl6iaQfObQ8c8WuJG_pGX6Zi6K1lI3-Mwy8&sai=AMfl-YTJxn2kiurdPglvk8agZdLtPHPP7_ZXZADKbApUwlOy3VnncPMFd8dmZ2QgQlnkc8kqXeGXvIQYkhdIRtFlWfR0uLuypdMnxTqKtWgNwHfu29sNaXCe3haR8nF-IBZys2cmHRNWm7tCBjqHKvd7&sig=Cg0ArKJSzI8zsIk8h0GKEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:21 GMT

GET jload
pixel.adsafeprotected.com/ Frame 3029 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8924 0
0 66ms
66ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq0Nez1G3g8xq2Vc2MwtPw-A8eZw83mAe9mWTuJsBAiZRhH2QOPqc86lAAGk4dRMxq2cmS6n5vERGZp9mN-1pEyQdKnTjkhEdVObFCGNh4bki6OLPHubcCrl8BalyM3H7qAhf-viGu2yntPpqlGxD0GMpIFimy4xVEKrWlrN0W5w5rSEmA-_x3-oqG_7MoyLiKLh4Xd2x3_Io-L-e-MO-K84Vw2DI0yP9iDhfA5NGl2UK8JtQfTRLYoD-jShX1RC2gpkiCK_B9uebfyy1QeWzItdlXcQp5UCVzCiBnpFKC4esUVLd0hjRWKhq8S5bybMLZNYcGfsUjoggKp3U8Ul_Btv-F0Cc8a5suADcM_Mev&sai=AMfl-YTqlaw-jo_5pSkdsrtYBXpXzgCxZ2nlqLqRJbLFUQC2RiBBzIg4RqJeuF9LPivlHNItky9gKyNBmnpnOkz1H2BHrJyHbo1mQd2hpfGrKbvg4xXKCN2i1MoFUrWVGZYzFUwI_yMgcLgjA8qHxms&sig=Cg0ArKJSzM7kI99pJ4UeEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:21 GMT

GET jload
pixel.adsafeprotected.com/ Frame 9433 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3C59 0
0 68ms
67ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3cPdToLvvQHo4BFzIix1ZC3TG3o20YEJp4MpylgX4aeenZuS42WiXWIzBbOmMEZqZCULtKDQmpfA-hvmX_5uLG9x8wUBPUQ7eB9VTHUoIs6Boz2czaTZ5lJbtUbXRiEYyhPhwxvRIJmRG0x1Q1k0njrfmJOvjMTlF1FwWmlPf3ttqCEotAe3uOzSscPN7yGnmqQnFwsFenJJ0ZYHuanh4saksojWMWLsrXnXP9RA9q53vG5jp0HVy9i7qoRBEmi84RSCvfM--v-ZdvM3Hf-H9EN_A4jNlxbaC8jb3l4EBUOPs1qGDBe7vD0j3Zh7UUdzFNXJX4N6Os9029GIBMi-KX89aXMdmwkLg3RWrBHi3&sai=AMfl-YSrlBFuFjUhx4BXMXzFhv2hXQcK7MNO2lmw_JwhttVOxnKiFmQJvEsRsGh7k54lU6xG8NGoZ5VI16dHHmYqOoX_T383dl73-lpqbeoTscU_jTWYCwCU48cYGw5vF9ZQ_wHWAbhnBK-D1mJu41Ji&sig=Cg0ArKJSzKwz00LVwrPiEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4BAE 0
0 68ms
67ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv89nGRxMtO7RAeydKB3f9ZXz1q3y7zCSiZBzby4wEl-igeDk8zJ-9hvGaZEAzsgp0BtKpQD0RwH3e7CicMJDAUlTMeyJYuBD5RuaMjLAIHK2lUMmBJKf8hk_hxLVmNC3XB9j4rhRZcOcpIOKGjoyC2D4LJCoHeB5lqGbC96GCrI-X8NCjYC9MoRGxInyCOkIWzm7wuOwhEV-muTQRpw33rqzfcT3RwdJISx3BEvqaSJbPU05NqqAMzA8tyfwiQpEohOuy7s8sHGkErtpRAPiXSg3cxemQjyoMg_-CCJ8NOR2OZD_9sRmJfIzk4Z6JcFuoHdrfYkuLVnCojGoJpsforkh86UcHSDHAGJSbwNy1x&sai=AMfl-YRZ5-wno5pe4KE-NpopZ3S_w9PZtxZMKFyVhpj_q7Ru5GtJTex32ogFZyjzGu3xmkexauVNVfIytJggJIEga5gK52KXVUM5ZkCU_0hBgXtcZBFtBNz7oajBHT_ZaAQPBr7r55pNT7qP-psH5nvc&sig=Cg0ArKJSzC9umYnm_ojwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 27 Sep 2023 10:40:21 GMT

GET jload
pixel.adsafeprotected.com/ Frame F927 0
0

GET
H3 200 tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js Show response
pagead2.googlesyndication.com/bg/ Frame 79B5 37 KB
14 KB 91ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 08:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14772
x-xss-protection: 0
last-modified: Mon, 18 Sep 2023 15:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Sep 2024 08:08:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C066 0
0 117ms
66ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309210101&jk=23495494249868&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 79B5 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?d5ULAw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 10:40:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
66ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309210101&jk=23495494249868&bg=!WlmlWRbNAAYrDsWMCw47ADQBe5WfOKet_9cw2vrACGUAZBG92NynkK1JNik3fjCpssSQYvWS63kvn1Fb3es87RW9LZjwAgAAADxSAAAACGgBBwoAcADxCoT251lhzsneTJk_zCcCTug34mAc0feflcI6WFgakFSziPwHlqTtLNO2cN_BsuYGI8y78uDlB_0LM-oPCQiKUynt5c-JUpsx7U1uKnDQ_oEswtI-t2uITMWXZhdU383p_nC33ejb2mkYjvUK7g6ZAswrJ5dQYrL2_uZmWEzAYzD2xMghpqygfCzom_WSpddWJWcLm82zLXEKVFQeIyIYR6R6dE1oNdic_foz8wWXwpUCIGd9MXIkWQ6dIYZVz12BPqyQcD9th62OJqfm8ph486V7iKhWHg07ZvKVQfhEdSBsFTkuBBZEjpYiLRTNBF7mt8MsKx5ZzEc9HDqPr8k8F_UDGvqcjs1BxXRu-czAIJc1s5x3aLFAYgLMICQqTgty9gWWJBPKpPTYzxQqqJRzvBebwN3Ru8Ixc4Q6l9maXrdo0DJeQd7o5aGc8gkbQCtWUQ0Tke89I2X7Fzb4HqMJstHc_omPkDQRH6gCesiyNxjsfwt903pbhuJJuntkYjHjOok8PcAiKapTCO_nKvKCa7ylnH4CjZWcfiWiBkgH0vKh78MMITivOTNVy_FJH5KYgHei9f2ArdQlHV2ZoLZADuRDpN8fvLF7yYZf4V70XbDQNnltFqD0BsAVqaoJjyVnFb58KJTIF8WrO26rO6Tw2fb_Sav27zO4YcBEMcbT0xOEJ0sMLkzATWpkkZ79GaeqlKdp7g75W5_De-B_ErrJXg8XZ6syp6GDKaq-TPnbOXzJdNph-mE7TCM173io7og5wWKEyZ4RoBoDk9lXr4_YABR0J2F4nvxf_A_yg0SU-5g4Cgl5MQErwwOkJIdBsJgGezJWbAoCh4AprGbH9axnREakKXSdt09_7hZBAEvsnGwInu_W2GZgEOFqFd3rVRz1Q4raMfyhcJqhIUDNrDgrE_zgtJHqf2HictBgQa9LtdxAZcPSXS42Yl-lH4EN_E3uniRdBaeGj_QMRs_lXUcpR3f-CBBn7UHbE2HGau23zCYf0GrjVGi80vw0iPyrMjfidTCeTKLr2Rv9KpetJJWpqomvWj_pujOz5pxCKRCENZON2sZ-Klcwm7b6hU6Z8-4aJ-qyKcw3H7-ivf31lw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8924 42 B
174 B 136ms
135ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsva-wW0580JWY6sU7nZYC7XeDs5a03URW9IgVzotmk6yq2hcC_V5CIxCC5McL_SsSeKGpUNwhwV0xejIjFQk9pvlX-alzbO4Khn8vQUZyZcrGeFwg_kQ7qDmSA0FHRM&sig=Cg0ArKJSzBaY7ivLlW8VEAE&id=lidar2&mcvt=1000&p=46,802,296,1096&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230925&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2674425955&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695811220868&rpt=274&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D2A6 42 B
108 B 136ms
136ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsueuDeaWtafdnMtf4zL7HWMn5kTFZBTB_6U6pCxxwuuoolb8oA3pfKKWXjoodCsTSECX0E9VVXdNi0-zc5cDtg31yeYnhEgeDHkKx7ZNHkDMldfMRPRyF9gkRoImyKV&sig=Cg0ArKJSzDf2tv8wvAf7EAE&id=lidar2&mcvt=1001&p=46,504,296,798&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230925&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=793892471&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695811220856&rpt=260&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BAE 42 B
108 B 141ms
141ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2cc5_Fj65x-H5Ez76HIEzV5UVf8q6HfTir7WUR1jFiLklg79eK_iyuXqmHpRm7YMNUWJLoiwOLIh4bSjOVru1bP7PIc0fmGZ5jxN2P_EPXabxqRuZn4P2CEwr9K3v&sig=Cg0ArKJSzH2uJhN8VNPPEAE&id=lidar2&mcvt=1000&p=46,1100,296,1394&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230925&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2034361088&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695811220878&rpt=303&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C59 42 B
108 B 139ms
139ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui9r3WCw7erkV3Vumhkr-CedMe4okFLon7AhrsznU1q_VmprIKQ3gEbsVOSwIJeIbmqvwZa-97ykSs0mDiotTyWzRXAD-hb73h_gG2Gilxt7z9JGGz4cz2gXir5xJV&sig=Cg0ArKJSzEHIaLH8A_O_EAE&id=lidar2&mcvt=1002&p=46,206,296,500&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230925&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3463513121&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1695811220839&rpt=327&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Sep 2023 10:40:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930546&campId=294x250&pubId=5232675802&chanId=22841513681&placementId=6162740628&pubCreative=138413924432&pubOrder=3113356528&cb=1199254632&adsafe_par&impId=

Domain: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930546&campId=294x250&pubId=5232675802&chanId=22843542539&placementId=6177682547&pubCreative=138416550673&pubOrder=3121627673&cb=580663893&adsafe_par&impId=

Domain: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930546&campId=294x250&pubId=5232675802&chanId=22843243390&placementId=6162524040&pubCreative=138413982666&pubOrder=3113356528&cb=284574072&adsafe_par&impId=

Domain: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930546&campId=294x250&pubId=5232675802&chanId=22843530983&placementId=6167291467&pubCreative=138414202847&pubOrder=3117053208&cb=448247584&adsafe_par&impId=

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.swissadserver.ch/	1970-01-21 00:25:07	Name: __gads Value: ID=f3b531a9996b8cc9:T=1695811220:RT=1695811220:S=ALNI_MZFK-Aiyrny1EwRB5zld_qK1MmR_Q
.swissadserver.ch/	1970-01-21 00:25:07	Name: __gpi Value: UID=00000cb1dfb898ad:T=1695811220:RT=1695811220:S=ALNI_MZBGPYWKoxpAdE_VxdgbnZ5XLjjSQ
.doubleclick.net/	1970-01-21 00:25:07	Name: IDE Value: AHWqTUm0wyJHKXPiKPi-FJpfk5PUt2wwIWk5D-ErgqVKLrRh9ATSnC9H-1ygSyW7MNM

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.swissadserver.ch/BatonTurboWeb-Medium.34b36a55.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.swissadserver.ch/BatonTurboWeb-Medium.10714ed3.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0be138296f514d669d519301dfd5094c.safeframe.googlesyndication.com
files.publishing.tamedia.ch
pagead2.googlesyndication.com
pixel.adsafeprotected.com
securepubads.g.doubleclick.net
swissadserver.ch
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.swissadserver.ch
pixel.adsafeprotected.com
185.46.59.235
2600:9000:223c:e800:e:5a66:ac0:93a1
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:830::2002
00da2348f3d58635e923448c268929fdb485686a85a4209964868ec3be5b49cf
0f751fddc13ff4ccdb45026ad21389931565198efee5935e84a9d3325537687a
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
2454bf88ea3827dfa1f996ee0b0788b3eb5271b225ec4ff48d82336e55f0ec1e
2a10d7274245c2f72b725f109a98a2e21335582be2a7127db612dc93023674cd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3f98de31795901b326856dfcaaa67c4a541d6bb5a1e37c1d0a1b60b9743cad4b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
51170c852799630d48c408bc118e0fe57226df2b7b021cc2d266bb516ebf0d61
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bcbf642872664a570a6067ce6a5bffe4f99c26138d886b03a5f10ecf344a103
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6775aa194b16913626847c794815f64920d7528c7744569af109d433fe04d1e3
8354bdfdb2a18dedbc7ddad38214c0040df96d89863a789cfe680ff88863a554
88fede8c1dd00518cfea1edf245d424e44e964c6d3a83f65b6f77d2b7c2dc017
8cf4b446acf445d89bcbd00a0121b9028a0175c0501fc43b1e603c7ddeacf465
b255fec3530462b92005c536eccaa958b6ed126823d6a0dae4daa52189ec47d6
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
c4a0b262c74c7466a00144f49c346951b39e35ca464f6cdc3160f8c103810a3f
c5ee3310b2019826e8368a4ba0b56af6d7953a3a416cb1cf94e454300c6e2e98
c9265f36ca4a2e2e3d4a91253d00159fb92f3027009d3ec877e22e3ff955463f
d0de35029eda2bb34ece2b5b82ebc942bbfdb4dd6b6c6598a89d5d6c321436e8
d8cf9c099210d35a81ecaa76fa79748cf99d5435a3e8d469dc964cea4faac124
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1db2f8b6c3803dadb4c562031b0bccd11b48e9dcf64f1ac7fa99b56111435b5
ff18e273fc7f233bf924108949a94f34e0587ed1cdfaa6820ba90be9cb739720

www.swissadserver.ch Open in urlscan Pro 185.46.59.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

92 %HTTPS

88 %IPv6

7 Domains

10 Subdomains

9 IPs

3 Countries

747 kBTransfer

1766 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.swissadserver.ch Open in urlscan Pro
185.46.59.235 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

92 %
HTTPS

88 %
IPv6

7
Domains

10
Subdomains

9
IPs

3
Countries

747 kB
Transfer

1766 kB
Size

3
Cookies

48 HTTP transactions
4 data transactions