urlscan.io logo urlscan.io
SecurityTrails logo

www.onlinepc.ch Open in urlscan Pro
208.82.75.19  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Submission: On February 23 via manual from CH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 78 IPs in 14 countries across 67 domains to perform 394 HTTP transactions. The main IP is 208.82.75.19, located in Germany and belongs to BOREUS, DE. The main domain is www.onlinepc.ch.
TLS certificate: Issued by R3 on February 21st 2023. Valid for: 3 months.
This is the only time www.onlinepc.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
45 208.82.75.19 205411 (BOREUS)
2 2a03:2880:f08... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
1 95.217.0.30 24940 (HETZNER-AS)
1 3.19.54.139 16509 (AMAZON-02)
4 92.123.36.4 16625 (AKAMAI-AS)
4 23.203.125.62 16625 (AKAMAI-AS)
5 23.206.208.114 16625 (AKAMAI-AS)
34 2a00:1450:400... 15169 (GOOGLE)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 188.40.114.52 24940 (HETZNER-AS)
3 65.9.66.21 16509 (AMAZON-02)
1 23.35.229.181 16625 (AKAMAI-AS)
16 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 146.75.118.132 54113 (FASTLY)
1 69.192.161.152 16625 (AKAMAI-AS)
1 23.203.125.36 16625 (AKAMAI-AS)
1 199.232.196.134 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.21.182.101 14618 (AMAZON-AES)
8 151.139.128.10 20446 (STACKPATH...)
3 2.18.79.139 20940 (AKAMAI-ASN1)
5 5 52.28.194.209 16509 (AMAZON-02)
2 2 185.29.134.248 30419 (MEDIAMATH...)
1 52.59.131.191 16509 (AMAZON-02)
1 9 185.89.210.82 29990 (ASN-APPNEX)
2 13.225.84.104 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 23.35.229.56 16625 (AKAMAI-AS)
7 146.20.132.205 27357 (RACKSPACE)
17 2600:9000:211... 16509 (AMAZON-02)
4 151.101.0.134 54113 (FASTLY)
1 70.42.32.223 22075 (AS-OUTBRAIN)
5 5 35.214.223.115 15169 (GOOGLE)
20 146.20.128.170 27357 (RACKSPACE)
5 5 46.228.164.11 56396 (AMOBEE)
5 5 34.193.119.217 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
17 146.20.128.189 27357 (RACKSPACE)
15 2a00:1450:400... 15169 (GOOGLE)
4 185.89.210.244 29990 (ASN-APPNEX)
3 23.203.124.180 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 199.232.192.134 54113 (FASTLY)
2 52.222.174.62 16509 (AMAZON-02)
2 52.58.40.157 16509 (AMAZON-02)
25 2.18.36.193 16625 (AKAMAI-AS)
2 2600:9000:201... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 199.232.192.64 54113 (FASTLY)
1 5 185.64.190.78 62713 (AS-PUBMATIC)
3 4 37.157.5.141 198622 (ADFORM)
9 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.165 1299 (TWELVE99 ...)
4 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.1.9 44788 (ASN-CRITE...)
3 3 142.251.39.66 15169 (GOOGLE)
2 2 35.201.96.126 396982 (GOOGLE-CL...)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 35.204.74.118 396982 (GOOGLE-CL...)
1 3.33.220.150 16509 (AMAZON-02)
1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 185.64.190.81 62713 (AS-PUBMATIC)
3 185.64.190.75 62713 (AS-PUBMATIC)
7 185.64.189.221 62713 (AS-PUBMATIC)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 2 52.94.220.185 16509 (AMAZON-02)
2 2 151.101.66.49 54113 (FASTLY)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
1 1 141.95.97.231 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.241 21859 (ZEN-ECN)
3 52.76.1.245 16509 (AMAZON-02)
1 52.38.109.236 16509 (AMAZON-02)
4 3.222.50.168 14618 (AMAZON-AES)
1 195.5.165.20 ()
1 35.186.193.173 ()
1 157.90.40.26 ()
1 52.208.76.249 ()
1 1 134.209.207.35 ()
394 78
45    208.82.75.19 (Germany)

ASN205411 (BOREUS, DE)
PTR: developer-com.de.dns.boreus.de
www.onlinepc.ch
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    95.217.0.30 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.0.217.95.clients.your-server.de
cdn.onthe.io
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
4    92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com
a.teads.tv
4    23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
5    23.206.208.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-114.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
34    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2400:52e0:1e00::1079:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
widgets.getsitecontrol.com
2    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
65ca03a27a67da26bde4694b729e8ad8.safeframe.googlesyndication.com
9f905641ea9cf2112ec71d0125f9622c.safeframe.googlesyndication.com
4    188.40.114.52 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.52.114.40.188.clients.your-server.de
tt.onthe.io
3    65.9.66.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-21.fra56.r.cloudfront.net
images.intellitxt.com
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
16    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    2606:4700:20::ac43:44e1 (United States)

ASN13335 (CLOUDFLARENET, US)
adnz.co
xd.adnz.co
api.adnz.co
6    2606:4700::6813:a960 (United States)

ASN13335 (CLOUDFLARENET, US)
js.srvtrck.com
search.srvtrck.com
hades.srvtrck.com
i.srvtrck.com
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    69.192.161.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-152.deploy.static.akamaitechnologies.com
z.moatads.com
1    23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com
at.teads.tv
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
onlinepc.disqus.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    52.21.182.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-182-101.compute-1.amazonaws.com
k.intellitxt.com
8    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
3    2.18.79.139 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-139.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
5    52.28.194.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-194-209.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    52.59.131.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-131-191.eu-central-1.compute.amazonaws.com
a.vidoomy.com
9    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
2    13.225.84.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-104.fra2.r.cloudfront.net
dnlgm0m0r44nl.cloudfront.net
5    2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com
t.teads.tv
7    146.20.132.205 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
17    2600:9000:211a:e200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
4    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
1    70.42.32.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
5    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
20    146.20.128.170 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    34.193.119.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-119-217.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
17    146.20.128.189 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
15    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    185.89.210.244 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
3    23.203.124.180 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-180.deploy.static.akamaitechnologies.com
crcdn01.adnxs.com
acdn.adnxs.com
1    2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    199.232.192.134 (United States)

ASN54113 (FASTLY, US)
referrer.disqus.com
2    52.222.174.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-62.cdg50.r.cloudfront.net
cdn.viglink.com
2    52.58.40.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-40-157.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
25    2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
2    2600:9000:2017:5200:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)
vpaid.springserve.com
1    2606:4700::6813:a860 (United States)

ASN13335 (CLOUDFLARENET, US)
hades.srvtrck.com
3    199.232.192.64 (United States)

ASN54113 (FASTLY, US)
links.services.disqus.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.5.141 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
9    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
4    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net
cm.g.doubleclick.net
2    35.201.96.126 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a05:d018:d29:3601:d295:c4e8:8fc9:991a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
3    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
7    185.64.189.221 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
st.pubmatic.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    77.243.60.138 (Norresundby, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    141.95.97.231 (France)

ASN16276 (OVH, FR)
PTR: haproxy-eu-002.roqad.pl
ws.rqtrk.eu
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
3    52.76.1.245 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-1-245.ap-southeast-1.compute.amazonaws.com
vid-io-sin.springserve.com
1    52.38.109.236 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-109-236.us-west-2.compute.amazonaws.com
vid-io-cle.springserve.com
4    3.222.50.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-50-168.compute-1.amazonaws.com
vid-io-iad.springserve.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    157.90.40.26 (None, )

ASN- ()
matching.truffle.bid
1    52.208.76.249 (None, )

ASN- ()
sync.crwdcntrl.net
1    134.209.207.35 (None, )

ASN- ()
match.adsby.bidtheatre.com
Apex Domain
Subdomains		 Transfer
55 pubmatic.com
vpaid.pubmatic.com — Cisco Umbrella Rank: 4660
ads.pubmatic.com — Cisco Umbrella Rank: 457
image6.pubmatic.com — Cisco Umbrella Rank: 725
simage2.pubmatic.com — Cisco Umbrella Rank: 668
image2.pubmatic.com — Cisco Umbrella Rank: 846
aud.pubmatic.com — Cisco Umbrella Rank: 4167
image4.pubmatic.com — Cisco Umbrella Rank: 938
vid.pubmatic.com — Cisco Umbrella Rank: 7491
st.pubmatic.com — Cisco Umbrella Rank: 1003
302 KB
52 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 23952
v.lkqd.net — Cisco Umbrella Rank: 16972
cs.lkqd.net — Cisco Umbrella Rank: 2872
t.lkqd.net — Cisco Umbrella Rank: 19712 Failed
220 KB
45 onlinepc.ch
www.onlinepc.ch
1 MB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 202
553 KB
35 googlesyndication.com
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
65ca03a27a67da26bde4694b729e8ad8.safeframe.googlesyndication.com
9f905641ea9cf2112ec71d0125f9622c.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
318 KB
17 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 4888
567 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6738
crcdn01.adnxs.com — Cisco Umbrella Rank: 11710
acdn.adnxs.com — Cisco Umbrella Rank: 542
secure.adnxs.com Failed
193 KB
12 adnz.co
adnz.co — Cisco Umbrella Rank: 60322
xd.adnz.co — Cisco Umbrella Rank: 133805
api.adnz.co — Cisco Umbrella Rank: 66181
217 KB
10 springserve.com
vpaid.springserve.com — Cisco Umbrella Rank: 9421
vid-io-sin.springserve.com — Cisco Umbrella Rank: 8815
vid-io-cle.springserve.com — Cisco Umbrella Rank: 8768
vid-io-iad.springserve.com — Cisco Umbrella Rank: 8213
179 KB
9 disqus.com
onlinepc.disqus.com
disqus.com — Cisco Umbrella Rank: 1226
referrer.disqus.com — Cisco Umbrella Rank: 7028
links.services.disqus.com — Cisco Umbrella Rank: 13981
70 KB
9 google.com
adservice.google.com — Cisco Umbrella Rank: 73
www.google.com — Cisco Umbrella Rank: 2
3 KB
7 srvtrck.com
js.srvtrck.com — Cisco Umbrella Rank: 494189
search.srvtrck.com — Cisco Umbrella Rank: 962063
hades.srvtrck.com — Cisco Umbrella Rank: 549764
i.srvtrck.com — Cisco Umbrella Rank: 232146
24 KB
7 intellitxt.com
images.intellitxt.com — Cisco Umbrella Rank: 56987
k.intellitxt.com — Cisco Umbrella Rank: 42489
78 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1329
at.teads.tv — Cisco Umbrella Rank: 4546
t.teads.tv — Cisco Umbrella Rank: 2658
136 KB
6 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1404
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3312
odb.outbrain.com — Cisco Umbrella Rank: 1596
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6045
90 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
266 KB
5 gstatic.com
fonts.gstatic.com
81 KB
5 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 644
2 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 755
2 KB
5 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 879
1 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 277
2 KB
5 onthe.io
cdn.onthe.io — Cisco Umbrella Rank: 17710
tt.onthe.io — Cisco Umbrella Rank: 14389
22 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 590
2 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8947
940 B
4 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 1580
m.addthis.com — Cisco Umbrella Rank: 1550
142 KB
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24172
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27395
897 B
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439
ups.analytics.yahoo.com — Cisco Umbrella Rank: 265
1 KB
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 624
2 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1141
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 591
740 B
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 940
2 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 3661
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4426
562 B
2 rubiconproject.com
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4681
1 KB
2 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 9027
773 B
2 cloudfront.net
dnlgm0m0r44nl.cloudfront.net
16 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 459
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
20 KB
2 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 24917
a.vidoomy.com — Cisco Umbrella Rank: 2665
10 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
87 KB
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 truffle.bid
matching.truffle.bid
1 ctnsnet.com
ipac.ctnsnet.com
369 B
1 iprom.net
core.iprom.net
279 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 596
191 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2777
104 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3920
338 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 2435
382 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 654
589 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 296
265 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 730
612 B
1 crwdcntrl.net
sync.crwdcntrl.net Failed
266 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 686
363 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 1748
345 B
1 moatads.com
z.moatads.com — Cisco Umbrella Rank: 433
1 KB
1 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 9335
464 B
1 getsitecontrol.com
widgets.getsitecontrol.com — Cisco Umbrella Rank: 15376
874 B
0 erne.co Failed
green.erne.co Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 unrulymedia.com Failed
sync.targeting.unrulymedia.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 audrte.com Failed
a.audrte.com — Cisco Umbrella Rank: 2469 Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 adition.com Failed
dsp.adfarm1.adition.com Failed
0 wemfbox.ch Failed
onlinepc-ssl.wemfbox.ch Failed
394 67
Domain Requested by
45 www.onlinepc.ch www.onlinepc.ch
cdn.onthe.io
34 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.onlinepc.ch
adnz.co
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
20 cs.lkqd.net ad.lkqd.net
17 t.lkqd.net ad.lkqd.net
17 c.disquscdn.com onlinepc.disqus.com
disqus.com
c.disquscdn.com
16 vpaid.pubmatic.com ad.lkqd.net
vpaid.springserve.com
blank
16 tpc.googlesyndication.com securepubads.g.doubleclick.net
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
tpc.googlesyndication.com
15 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
www.onlinepc.ch
9 simage2.pubmatic.com ads.pubmatic.com
9 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
9 ib.adnxs.com 1 redirects adnz.co
acdn.adnxs.com
8 ad.lkqd.net www.onlinepc.ch
ad.lkqd.net
7 st.pubmatic.com
7 v.lkqd.net ad.lkqd.net
6 www.googletagservices.com www.onlinepc.ch
securepubads.g.doubleclick.net
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
5 image6.pubmatic.com 1 redirects ads.pubmatic.com
5 fonts.gstatic.com fonts.googleapis.com
5 sync.srv.stackadapt.com 5 redirects
5 ad.turn.com 5 redirects
5 csync.loopme.me 5 redirects
5 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 x.bidswitch.net 5 redirects
4 vid-io-iad.springserve.com
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 hades.srvtrck.com js.srvtrck.com
hades.srvtrck.com
4 api.adnz.co adnz.co
4 ams3-ib.adnxs.com www.onlinepc.ch
4 disqus.com onlinepc.disqus.com
c.disquscdn.com
4 xd.adnz.co adnz.co
xd.adnz.co
4 k.intellitxt.com images.intellitxt.com
k.intellitxt.com
www.onlinepc.ch
4 adnz.co securepubads.g.doubleclick.net
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
adnz.co
4 tt.onthe.io cdn.onthe.io
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
4 a.teads.tv www.onlinepc.ch
a.teads.tv
3 vid-io-sin.springserve.com
3 vid.pubmatic.com vpaid.pubmatic.com
3 cm.g.doubleclick.net 3 redirects
3 links.services.disqus.com c.disquscdn.com
3 ads.stickyadstv.com www.onlinepc.ch
ad.lkqd.net
3 images.intellitxt.com www.onlinepc.ch
k.intellitxt.com
images.intellitxt.com
3 s7.addthis.com www.onlinepc.ch
s7.addthis.com
3 widgets.outbrain.com www.onlinepc.ch
widgets.outbrain.com
2 cr.frontend.weborama.fr 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 sync-tm.everesttech.net 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 visitor.fiftyt.com 2 redirects
2 d5p.de17a.com 2 redirects
2 vpaid.springserve.com ad.lkqd.net
2 optimized-by.rubiconproject.com ad.lkqd.net
2 cdn.viglink.com www.onlinepc.ch
2 crcdn01.adnxs.com adnz.co
2 t.teads.tv www.onlinepc.ch
2 dnlgm0m0r44nl.cloudfront.net js.srvtrck.com
2 sync.mathtag.com 2 redirects
2 ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.onlinepc.ch
www.google-analytics.com
2 connect.facebook.net www.onlinepc.ch
connect.facebook.net
1 match.adsby.bidtheatre.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 vid-io-cle.springserve.com
1 pixel-sync.sitescout.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ws.rqtrk.eu 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 match.adsrvr.org ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 i.srvtrck.com
1 search.srvtrck.com js.srvtrck.com
1 referrer.disqus.com www.onlinepc.ch
1 fonts.googleapis.com client
1 acdn.adnxs.com adnz.co
1 9f905641ea9cf2112ec71d0125f9622c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 65ca03a27a67da26bde4694b729e8ad8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 mcdp-nydc1.outbrain.com widgets.outbrain.com
1 a.vidoomy.com www.onlinepc.ch
1 stats.g.doubleclick.net www.google-analytics.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 onlinepc.disqus.com www.onlinepc.ch
1 at.teads.tv a.teads.tv
1 z.moatads.com s7.addthis.com
1 odb.outbrain.com widgets.outbrain.com
1 js.srvtrck.com www.onlinepc.ch
1 widget-pixels.outbrain.com www.onlinepc.ch
1 tcheck.outbrainimg.com widgets.outbrain.com
1 widgets.getsitecontrol.com www.onlinepc.ch
1 ads.vidoomy.com www.onlinepc.ch
1 cdn.onthe.io www.onlinepc.ch
0 green.erne.co Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 secure.adnxs.com Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 sync.targeting.unrulymedia.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 a.audrte.com Failed ads.pubmatic.com
0 bh.contextweb.com Failed ads.pubmatic.com
0 dsp.adfarm1.adition.com Failed ads.pubmatic.com
0 onlinepc-ssl.wemfbox.ch Failed www.onlinepc.ch
394 111
Subject Issuer Validity Valid
com-professional.de
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-12-02 -
2023-03-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-02 -
2023-07-02		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
*.getsitecontrol.com
Go Daddy Secure Certificate Authority - G2		 2022-03-05 -
2023-04-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
images.intellitxt.com
Amazon		 2022-10-10 -
2023-11-07		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-04 -
2023-06-03		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-20		 a year crt.sh
k.intellitxt.com
Amazon RSA 2048 M02		 2023-02-11 -
2024-03-11		 a year crt.sh
ad.lkqd.net
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
a.disquscdn.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-08 -
2023-05-03		 3 months crt.sh
viglink.com
Amazon		 2022-10-13 -
2023-11-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.springserve.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-04-29		 2 months crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-04 -
2023-12-06		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.iprom.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh

This page contains 72 frames:

Primary Page: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Frame ID: 1B680FBEBCDE031D22BCB80E6EB0E852
Requests: 143 HTTP requests in this frame

Frame: https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6B81ACEAB6E55923ABD85573584B6D65
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthjCJ0JK9yqSYw2j0iXmJY4OeJpXeEhCJzOqy4MnjS3NdFBlOxAVqgjBnN96daT09-4VYk9K63aC4LXBTklLgrvNc0sdUNWvUXUJ2fjduFhmw5xD-L4tBo2V-qHsimTmKA87xdf8cMeDsZI0wR_0xu5s2Qq76MdIG2M02CyLH-IDst4kUH6CSpWgh7b_kV6HP5cEXeP70JC5cKzu7icXyTkVKYu2D_Fn52hcBh_zxQi2W5AvYfUMGv_YOwyOV7UCfwJ3QX2p9NvNEPiXTTv4agPgLuLWTcQUInKBYvv3CfwlSej8JvERi21jUCspde8y0He87U2tXSPpHMeXXYJw&sai=AMfl-YQfhyeI7J-M0Xfgt8p50zFPksIC_X0WWAmHikToFo3ZTr6fQ4s7qj-xvMVSI3J8UNk-9ax1QcD8zaT1vRkDyHJOcR00OgxM5jHEpJcyEiePVPzQFdCbshk9EmWVqvJfsDNr13Kx7XRNjP7mrpGU&sig=Cg0ArKJSzECrvhJjsH9kEAE&uach_m=[UACH]&adurl=
Frame ID: F9B6633ACEA13CA44B192C170FB6ED28
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssafSFZrOPTi0Kf2vjQ2Ivzg2neE7iit9LjGMx1E1u2Y803-mz78Ao_dCVdh6bFGETPAsts5M7SVA6F_Fl7hXBu1cb1mM7FU5S9dIzd7asE0KXGQR1Td4PCGbGgpndAZe3kuJ4DpUutPZJBr2_kv0feDkU2or0fariRy4pqwUr-Q9P0ZIGc_knlP72N_tnD4TVc0EjeVyOM6Nnx3pkL92esPBXVhrUgzAVCpXGd2iP-6pE4ky6bq3i-jTmCt2_6lriN2-k-1aPGafPJPLXt-LcpVajcqw_J-RRg5yGvVtPFY2cAxZFXmeUqMdJ_56x-KBXb3c2Llo_pFO93k7Ou&sai=AMfl-YTFiCuV_-CFTzZ3pYYzeSzM_8DiLgwIcDjbIqWGvizY4Ke_dhu5CgP6pHWDnSeGHLXIkUgnzchhpA1XeYRrpVRq66GNWwtRXcjDdrMbgNfcp2IrXZDYSflhh2RLnzlKzrknzzVMajWQOen1lAx5&sig=Cg0ArKJSzC9DoyaGf-u4EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A50C634E370FD61370719547B43BDED4
Requests: 8 HTTP requests in this frame

Frame: https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2A132307A3EF7512CA21ACE5477C086
Requests: 15 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 08A9DB714F70E9232E1EDA2EE1F034F2
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 66F655EBBDA65EB23F09093BD6A1D8C6
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: CC9C64836AB96C0DCEDB7423029C07A4
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: B2A2F7912BC3C38306369F0819E774DF
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 082AF2E9E3479424764B920C31CDD629
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmm9M7nZfrWxnwOB2SgN19DhIzNlgJK3x-8wC4i9Mjag0jGtK3TgxizFpCMjD4YLasPxzdwO7jfE-PGes9UzG3MazKdOBYoN1I5D9tY5UIgFX9wGN-vdCcWqfkCc6tapskCLje_c7kRjeO6Er0sB592YxIBuD_yrfInygbzrpz2ZbGXeN17Jx5MxanAmxkTznwVT5JdQ3f4JnAgZYUAf5Mww48uHIO2XGl3GT16oFcHk0IdTZChFApAxyEiN6ouyvFqgAE5Hg3G-Yx9UdEmRbxzLeJmbKzJ0n4ey6BlwlvTiy3-75gAJr7jCL278uP1qOoM25NlIsi09s&sai=AMfl-YQDS9M3CoEazI5YuD5CvTNYQiTqzhXrHwfqhzSi1c4UhilfqVh_3fvfWBGkCFhP7Gf6ss8Q7FoNNJ6Cbz0Yn-P0pENCwcdI6h0NOQfJY7JBAW13NDPFlIwRPl89Tw&sig=Cg0ArKJSzFZu3BQWje_6EAE&uach_m=[UACH]&adurl=
Frame ID: A4365DE132B8A4FCEA104A6DAF1F819B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssi6WXs_eeLma8KUipXAhJAbSEEBMOXnjko8lN3oWztTa1BLSlYbP3S9dA_1lxEgDpgWb4U2z4IJg6iHm8HdZXteLGNVGSvX8DyljhrCPlRi73Py9QGo8QaRBYQSmH6UWsb7jazYCVRniYU1pI9bWGM8SG6T5XIQrTvoeqAhY9UOjYBwm6QHY9nnDnn3JQXvuSjqpSdFzY3JO2VfSsx_c-kS2AmhvGQOiIbL3gW3wZXHOKGHJTkkYoL8VH3v_cmmoxjS-6IE_MzjeW8QAFMMxJ8y0gzKzeGBPuuMG4ZyJkyq2UnT71_cmISu0xDfCw3tFqpVF6G2IZFq4A&sai=AMfl-YTLJYUhQsaTIU1l9mJTavXaWZpPEFZn62SPoWSYQVH_DPmiZ2QhYvQvP1jqbq6HHYvS2IM1mCaC2NKY7ewTpkyh-rRAP76Nt3t1B-sbvTJjJgb-8kVqlZ6Gwi4vZA&sig=Cg0ArKJSzMo-Owp7tp2uEAE&uach_m=[UACH]&adurl=
Frame ID: 0753722D865CBD8A947DD945107999AE
Requests: 7 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: F831F73CED37EE6F38354281B9868FEF
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 75CD7AB4E6AB1B592F1840BBD2097967
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4F85D69AD63B431B65910F9430F1B4EC
Requests: 9 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 0C7A4B0E3D616AC1C26F8F2086AD7623
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
Frame ID: 64CAF793BFF7E0F047D41F8410F71FAB
Requests: 22 HTTP requests in this frame

Frame: https://65ca03a27a67da26bde4694b729e8ad8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 0A7530AA7447699C29754BE4C7259B4A
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C82BFDE513201AD223A4A942A6391E22
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5A5644E5B0064D1DF8E0B23001E69FA7
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 133553654C93C958486B5363AB4501EB
Requests: 2 HTTP requests in this frame

Frame: https://9f905641ea9cf2112ec71d0125f9622c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: A492A8447CA15D6C6D21727EC3C6B008
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 12C20A556173BC21AAD1E7BBFF596B67
Requests: 6 HTTP requests in this frame

Frame: https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.onlinepc.ch%2F&e=wqT_3QLiA3ziAQAAAwDWAAUBCMCj3Z8GENzFgYm86t7EUxgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCfD1REAwrL3KBjjXHkDXHkgCUJ3WkYEBWJasYGAAaPrwVHim9wWAAQGKAQCSAQNDSEaYAawCoAHYBKgBAbABALgBAcABAsgBANABANgBAOABAPABANgC_oEB4AKmiVHqAhhodHRwczovL3d3dy5vbmxpbmVwYy5jaC-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APQ3mXgAwDoAwD4AwKABACSBAYvdXQvdjOYBACiBAo4MS45NS41LjM2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggA4AQB8ASd1pGBAYgFAZgFAKAFAMAFAMkFCfwU8D_SBQkJCQxwAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYRIxDaBhYKEBENEQFwEAAYAOAGAPIGAggAgAcBiAcAoAcAyAem9wXSBw0VXgEmCNoHBgFZcBgA4AcA6gcCCADwB-z2A4oIAhAAlQgAAIA_mAgB&s=630eeea532391f0d48aaf8ebb7cbfd5d2775598e&bdref=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html,https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html,https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&
Frame ID: 6A96D28F3236E1D9EF444E9468165BC6
Requests: 2 HTTP requests in this frame

Frame: https://xd.adnz.co/xdomain_cookie.html
Frame ID: BB5ED3C5FF77FB027753380D07F353BF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3927&pub_id=1255598
Frame ID: CC61DECBDD5DCF09EB683A92B99C3449
Requests: 3 HTTP requests in this frame

Frame: https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2F&e=wqT_3QKbBKAbAgAAAwDWAAUBCMCj3Z8GEKKu5rLpzJCxJxjw_rzZ9Ozns0oqNgkAAAkCABEJBwgAABkJCQjgPyEJCQgAACkRCQAxCQn0NAHgPzCtvcoGONceQNceSAJQ-9aRgQFYlqxgYABo-vBUeMn1BYABAYoBAJIBA0NIRpgB4gegAfoBqAEBsAEAuAEBwAECyAEA0AEA2AEA4AEA8AEA2AL-gQHgAqaJUeoCSWh0dHBzOi8vZWEzZDBjMzg1NDUzZWEzN2M2ZDgxNmJhZWM5ZDMzOTQuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOs-QbgAwDoAwD4AwKABACSBAYvdXQvdjOYBACiBAo4MS45NS41LjM2qAQAsgQQCAAQARjiByD6ASgAMAA4ArgEAMAEAMgEANoEAggA4AQB8AT71pGBAYgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAApO2jYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYJIRgAANoGFgoQEQ0RAXQQABgA4AYA8gYCCACABwGIBwCgBwDIB8n1BdIHDQkuJgAI2gcGAVlwGADgBwDqBwIIAPAH7PYDiggCEACVCAAAgD-YCAE.&s=42d32de08aded95c4e63c97dcc7cfb12a3162ef6&bdref=https%3A%2F%2Fwww.onlinepc.ch%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.onlinepc.ch%2F,https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Frame ID: 9C895187311673220D104CC43ECB5419
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9F9D50788E983AEA4E0AA4BE7C8724C4
Requests: 4 HTTP requests in this frame

Frame: https://xd.adnz.co/xdomain_cookie.html
Frame ID: 8823A5D6AB3A4B611A284232962C04AC
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: FEF64CE9FBFD0A6863899B9D7C1827B5
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Frame ID: 55F51467171B90C9579318C4298D3B78
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9EDF65F2D65078A767FD860F4D2F28C8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D86C960836A6284F0541E52761CCC37
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0E137834D818EDDB550332512999D10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB92CFC9C5DAF35E5BE54788792AFE6D
Requests: 2 HTTP requests in this frame

Frame: https://hades.srvtrck.com/v2/uuid.html
Frame ID: A818E5470283D6E957EFB5F953CE9327
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2af1ccba.js
Frame ID: 59A5C7BCBA3349441EFCE9E2708BC884
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9DACB0A89CBB339A6F0EA1E23791CB33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0917DA9A8AC7542488D5100B910F88D
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Frame ID: C60983BC844BB080431E02B5848D038B
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FA771F7E4D2B6243F16AE9B0912D8D9C
Requests: 12 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
Frame ID: C09ECBDCC93AD73ACF79F3F8EA7830E9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f26263f7-51c0-4500-819d-04b3237daec0&gdpr=0&gdpr_consent=
Frame ID: 497E161947713D3CC5EDCF6FF163EC00
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6963015184779666125
Frame ID: 514548D1C801216FE2BDF8C79DC1CDAF
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 33048BA1E22BAD51BA83862496278835
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Frame ID: 3E223BDDB0FA3536E53F057D791801FA
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 6D672CD24630E920C0582C1DB60F7378
Requests: 9 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi
Frame ID: 9B0C2B9A44762E2A20A7B311E07188AF
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: D092908017C9E829BEC343D7FBD4D59E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5361429147399700336&gdpr=0&gdpr_consent=
Frame ID: 952A6C2DE20F1A91BCBF2EAAB3B6373B
Requests: 1 HTTP requests in this frame

Frame: https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Frame ID: F6203D943E8DC3DE6C731941D30BB7A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WQSRHpcoSjJ-bEmIiYCmplFfBSQ&gdpr=0&gdpr_consent=
Frame ID: EFC5192D984EF3D137C6F30B9A6BA3E5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-dRwwAJG9ktRAAb&gdpr=1&gdpr_consent=&_test=Y-dRwwAJG9ktRAAb
Frame ID: 30BCE215DC56CEA33338D766DC34A56E
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABkZ07H7qQAACLi7BpYAw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Frame ID: 40038DD02329CF12AFDFECA4BF41AE6D
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 82ABCF8E76739431D62C8133550E0C3E
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 5025F033EA47D64B4108351F892CF6A4
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: D537553585AD8F4B4F4A915256FA2931
Requests: 3 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_2af1ccba.js
Frame ID: 97C70B2C756EA420CF10D0EDAEB290D0
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Frame ID: 763300495906F8FD163F6360B579F48F
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E354E69CAAB3B70FDC61F78E27041A0B
Requests: 6 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 84D50BEDCC440AD043C77A086C76F2EA
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7C897108CD6AE52C01503D8775FC59F5
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0EF8A2BD7D34D59661EF272138802E44
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F3C6C6D8DEB4D9B12D5AD8D79F78A5AB
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E8C790EEB6557C98E87C6813982B0289
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-43855d9c-8a77-423d-8e28-eac1cff793a6-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-43855d9c-8a77-423d-8e28-eac1cff793a6-003
Frame ID: 59525917EE3B8FB12EAE4B91795DE28F
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 8033BA07027EEF231B8857D4D7D52CD9
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Frame ID: F19432C9C02BC84A6C40BFDB40BC287D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E0FEDF924A5FE4F83A65EEA2F1305049
Requests: 2 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 103D239CE5AF0F7120E76F3521BF27CE
Requests: 1 HTTP requests in this frame

Frame: https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Frame ID: B75FBF63B21F0A35FD834180F85DE72F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FEBE5E88D0C843DE8AD00049B4C96925&gdpr=0&gdpr_consent=
Frame ID: 304CF90F20C9603045AB72E51E8263EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fake-Website der AHV will Kreditkartendaten - onlinepc.chFacebookLinkedInTwitterXing

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

394
Requests

90 %
HTTPS

26 %
IPv6

67
Domains

111
Subdomains

78
IPs

14
Countries

4692 kB
Transfer

11441 kB
Size

78
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=67157373.702299011261973607.49676624 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=67157373.702299011261973607.49676624 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D0accbe7a-1bb8-4173-a569-36cabf0998ca&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=f26263f7-51c0-4500-819d-04b3237daec0&expires=30&ssp=vidoomy&bsw_param=0accbe7a-1bb8-4173-a569-36cabf0998ca&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0accbe7a-1bb8-4173-a569-36cabf0998ca
Request Chain 156
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=4718608e-83be-44da-921f-9eeaad9d9375
Request Chain 159
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3024092999750677697
Request Chain 160
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fQPgLkZsQON_EoKPrp-06FFfBSQ
Request Chain 161
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=843d277b-b620-48ec-9b7b-001820c6cfb0
Request Chain 164
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2952035405712749761
Request Chain 165
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=RAIzISAMRxV-phAPzQnu0lFfBSQ
Request Chain 198
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f47a7eaf-5945-4e50-b187-76e9aa7d8ec3
Request Chain 201
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3168208187826533569
Request Chain 202
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WQSRHpcoSjJ-bEmIiYCmplFfBSQ
Request Chain 295
  • https://c1.adform.net/serving/cookie/match?party=14&cid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
Request Chain 296
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f26263f7-51c0-4500-819d-04b3237daec0&gdpr=0&gdpr_consent=
Request Chain 297
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6963015184779666125
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6NjlcLm0TvKn4iyM0wVHTQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 300
  • https://pixel.onaudience.com/?partner=214&mapped=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5779c00b3844f4d9411e074805dab2e0&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b512174030938010/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Request Chain 301
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&addseg=19,36,42
Request Chain 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RThEOEU1NzAtQjlCNC00RUYyLUE3RTItMkM4Q0QzMDU0NzRE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC41hO-fBeqGcIDqrv8s00I&google_cver=1
Request Chain 305
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1772418508129252778
Request Chain 308
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-dgRGEV1E2uUlAJz6kaLYIk3.1el0UFk-~A&gdpr=0
Request Chain 322
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi
Request Chain 323
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 324
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5361429147399700336&gdpr=0&gdpr_consent=
Request Chain 326
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WQSRHpcoSjJ-bEmIiYCmplFfBSQ&gdpr=0&gdpr_consent=
Request Chain 327
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Y-dRwwAJG9ktRAAb HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-dRwwAJG9ktRAAb&gdpr=1&gdpr_consent=&_test=Y-dRwwAJG9ktRAAb
Request Chain 328
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCa1owN0g3cVFBQUNMaTdCcFlBdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABkZ07H7qQAACLi7BpYAw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Request Chain 329
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 331
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D HTTP 302
  • https://a.audrte.com/p
Request Chain 332
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=263422443 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D
Request Chain 333
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0accbe7a-1bb8-4173-a569-36cabf0998ca&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 356
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7045801d-afea-4f8b-9c8e-fc47d5ee27bb
Request Chain 359
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3168208187826533569
Request Chain 360
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WQSRHpcoSjJ-bEmIiYCmplFfBSQ
Request Chain 381
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 386
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1677152711345 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2115861727 HTTP 302
  • https://sync.1rx.io/usersync/turn/3168208187826533569?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-43855d9c-8a77-423d-8e28-eac1cff793a6-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-43855d9c-8a77-423d-8e28-eac1cff793a6-003
Request Chain 389
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8919b7d8-78e1-4a67-aee4-30876089e014&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 390
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3168208187826533569&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 391
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 401
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FEBE5E88D0C843DE8AD00049B4C96925&gdpr=0&gdpr_consent=

394 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fake-website-ahv-kreditkartendaten-2842631.html
www.onlinepc.ch/internet/sicherheit/ 		74 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b0cc2a9df3dab3ff559d1a7e874b75d4bb70acc216c5cc6582be1acb2ac7be66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
15948
content-type
text/html; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:03 GMT
server
Apache/2.4.41 (Ubuntu)
server-timing
intid;desc=212c2dffdb3981b3
vary
Accept-Encoding
opc-bootstrap-3.0.0.scss
www.onlinepc.ch/static/serverside/css.php/ 		102 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/serverside/css.php/opc-bootstrap-3.0.0.scss?timestamp=1644595648
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9e66ee7919e7d3433bfa7abc394f914a6daef71b0877468ed92c8c0b04d5902e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 10:43:16 +0000
server
Apache/2.4.41 (Ubuntu)
etag
"42d09647512aac3576ae7ddadd7b4bd6"
x-scss-cache
true
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
server-timing
intid;desc=c0722444c1963323
opc-fonts.scss
www.onlinepc.ch/static/serverside/css.php/ 		6 KB
672 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
24004a5afee4a93d03dc240e348b9b61a46e8e2758a8a47bb8051596140c862c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
last-modified
Fri, 26 Nov 2021 10:42:55 +0000
server
Apache/2.4.41 (Ubuntu)
etag
"bf006d1b5bd79248b77b2f2cc6084d58"
x-scss-cache
true
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
content-length
526
opc.scss
www.onlinepc.ch/static/serverside/css.php/ 		263 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/serverside/css.php/opc.scss?timestamp=1644595648
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
113a1911ede3f6ac77fc3bb8de06c25cb88b9064d30283d5dbab4a39d7058501

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
last-modified
Wed, 15 Feb 2023 13:06:39 +0000
server
Apache/2.4.41 (Ubuntu)
etag
"5736876dacaded8c09a8ad3329a8461c"
x-scss-cache
true
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
server-timing
intid;desc=e1c59de3a53475b8
jquery.min.js
www.onlinepc.ch/static/all/javascript/jquery/1.8.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/all/javascript/jquery/1.8.2/jquery.min.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
last-modified
Tue, 03 Apr 2018 12:44:09 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"16cfb-568f110093840-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
33397
jquery-ui.min.js
www.onlinepc.ch/static/all/javascript/jquery-ui/1.10.0/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/all/javascript/jquery-ui/1.10.0/jquery-ui.min.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
853a5b7955e180299f3bb9c6716a7d77590898a6f363a80dd15a39bb9c0bbacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
last-modified
Tue, 03 Apr 2018 12:44:09 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"37777-568f110093840-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
60258
js.php
www.onlinepc.ch/static/serverside/ 		138 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/serverside/js.php?timestamp=1644320424&g=opc
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
901c17727aad1ff7e38a0024de2517084acfe7c88c120af008d8364cc0eb7988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 09:37:14 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"pub1622194634;gz"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=1800
content-length
38068
expires
Thu, 23 Feb 2023 12:15:03 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
518ae679102e86f7f239e7520c3cfa186bca295dd019714befcdf45d4b2038d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Feb 2023 11:45:03 GMT
content-md5
VrI6F7Tt3G5JWvOsosfFFA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
MqUDmW0SD5MWtp3O+qrzgekWW8DaF2xjtqiUaywfgFKNdncSrUgw4h1j6h0HSwfxUPk7h7WTDCckHE1hwwJLUg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
3070459b443c22c7471ab272177018ee
cross-origin-opener-policy
same-origin-allow-popups
etag
"3f7fd7078436cb7cccf3c1e40de9344b"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Thu, 23 Feb 2023 11:48:41 GMT
gpt.js
www.googletagservices.com/tag/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c76dd3af34e60ee39478311c7a8091bc60e114b2b2f4542e4b9ad1888eed2a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26578
x-xss-protection
0
server
sffe
etag
"1491 / 390 of 1000 / last-modified: 1677107213"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 11:45:03 GMT
oLDUTwtgFj1C
cdn.onthe.io/io.js/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onthe.io/io.js/oLDUTwtgFj1C
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.217.0.30 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.30.0.217.95.clients.your-server.de
Software
nginx /
Resource Hash
14dbf9aba8c4d30029eef850b19a3f9527bc781404d7ca6b83d935d892161cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Aug 2017 21:26:05 GMT
Server
nginx
ETag
W/"598394ed-109bd"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 24 Feb 2023 11:45:03 GMT
showads.js
www.onlinepc.ch/static/all/javascript/showads/ 		153 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/all/javascript/showads/showads.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f88d44454463290f5126b50e973b6c32b5e340e5d2717d8da0677e035a4d8924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
last-modified
Tue, 03 Apr 2018 12:44:09 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"99-568f110093840-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
149
onlinepc.ch_15738.js
ads.vidoomy.com/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/onlinepc.ch_15738.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
032847763403de7c70cd79ece6446ca463e3228f171a92a285da989ea9d19971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:03 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
tag
a.teads.tv/page/90032/ 		720 B
788 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/90032/tag
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6dea4d5b3cac05a417c5a1f855bda842303ab1467932ba4c605473f42dc9b46f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
446
expires
Thu, 23 Feb 2023 12:45:03 GMT
opc-logo-klein.png
www.onlinepc.ch/img/1/0/6/6/1/7/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/0/6/6/1/7/opc-logo-klein.png
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2e62701a8960993b59b03e6845015081a12abe943bd2f1d08fed0260b0765a91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 29 Dec 2021 16:52:06 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"814-5d44bc2007980"
content-length
2068
content-type
image/png
opc-logo-mobile.png
www.onlinepc.ch/img/1/0/6/6/1/7/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/0/6/6/1/7/opc-logo-mobile.png
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5cd2e99083b8c16e96511189af9bd4e2aaf771ea3d62ffe756105c765019c243

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 29 Dec 2021 16:52:05 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"998-5d44bc1f13740"
content-length
2456
content-type
image/png
ahvfake_w960_h769.jpg
www.onlinepc.ch/img/1/7/0/0/8/6/7/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/8/6/7/ahvfake_w960_h769.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
47a8dfabca2f8d1e2ec019f70dec67f914c4b5d8b392c4ac63610346b5f02f82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Thu, 23 Feb 2023 10:11:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"11453-5f55b3bd1fd80"
content-length
70739
content-type
image/jpeg
ahvfake_w915_h365.jpg
www.onlinepc.ch/img/1/7/0/0/8/6/7/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/8/6/7/ahvfake_w915_h365.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6d47ea57f6215c107b29113e794fb0c1246cf9a9684dc42df06e0037d9075b51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Thu, 23 Feb 2023 10:11:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"a797-5f55b3bd1fd80"
content-length
42903
content-type
image/jpeg
foto1_w57_h57.jpg
www.onlinepc.ch/img/5/3/5/4/2/6/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/5/3/5/4/2/6/foto1_w57_h57.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4cf72a9925ae071c1bf2a8ae662d3921f3bcaff6c8f8dc9578a8faba28ead7aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Thu, 16 Jun 2022 07:42:16 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"449-5e18bc6d36600"
content-length
1097
content-type
image/jpeg
outbrain.js
widgets.outbrain.com/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
89123b6cafaa1881ad98a6602abd22a285be12889815b7494c53bbce73f1cd42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
last-modified
Wed, 22 Feb 2023 11:49:44 GMT
etag
"13-0KZegIqto12UPMZ/GMrF/XPtTqM"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14500
access-control-allow-credentials
false
x-traceid
ec29e1a89a0496d96a9fb1c70c2a6c36
timing-allow-origin
*, *
content-length
71692
access-control-request-headers
X-OB-STG,X-OB-PRD
Internet_Archive_Teaser_w170_h140.jpg
www.onlinepc.ch/img/1/7/0/0/6/5/4/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/6/5/4/Internet_Archive_Teaser_w170_h140.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2be2329c944bd20bcab9ef7ca1c4e1d3acf16f0599bcb5f759a20f99fe70c40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 22 Feb 2023 11:14:37 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1031-5f548006ac140"
content-length
4145
content-type
image/jpeg
Drohne_Echo-fd1d302e5e0cddee_w170_h140.jpg
www.onlinepc.ch/img/1/7/0/0/1/0/7/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/1/0/7/Drohne_Echo-fd1d302e5e0cddee_w170_h140.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b17d52df8e06d73030e2a943fde2da8e84ef0dd36bcf478110974c66fd9190c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Mon, 20 Feb 2023 10:41:26 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"14a4-5f51f4e0fc180"
content-length
5284
content-type
image/jpeg
Adobe_Logo_Teaser_w170_h140.jpg
www.onlinepc.ch/img/1/7/0/0/4/8/6/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/4/8/6/Adobe_Logo_Teaser_w170_h140.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bf642ca9c8b984b1a730c8f26428a17f4688c1f153a0d054873abe8eff5e6041

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Tue, 21 Feb 2023 17:32:16 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"be3-5f53929284800"
content-length
3043
content-type
image/jpeg
Microsoft_Satya_Nadella_w170_h140.jpg
www.onlinepc.ch/img/1/7/0/0/7/8/1/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/7/8/1/Microsoft_Satya_Nadella_w170_h140.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a935d6e6d77125e243d726875fc3e321f9df7f8b2a6a47b9555993e89a65ccf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 22 Feb 2023 16:29:11 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"fc1-5f54c656523c0"
content-length
4033
content-type
image/jpeg
Vetterli-Markus-iWay-CEO_w170_h140.jpg
www.onlinepc.ch/img/1/7/0/0/7/8/3/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/7/8/3/Vetterli-Markus-iWay-CEO_w170_h140.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c1c15ca7bbcfae21c26ce996b8669d92b4f5b0a12ba9713389ebd0eea4722a8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 22 Feb 2023 16:29:10 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"d74-5f54c6555e180"
content-length
3444
content-type
image/jpeg
newsletter_test.png
www.onlinepc.ch/img/1/0/6/6/1/7/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/0/6/6/1/7/newsletter_test.png
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a205b7c9729e477a3e2f20c2f7b1380da03176c008161d1cf61862cfdca21979

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 29 Dec 2021 16:52:05 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1742c-5d44bc1f13740"
content-length
95276
content-type
image/png
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116332
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
J9836AY29PB26ZR1
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
dPwF5MuiEQ1QjfWkP88qT6juCQvdRMsJ9NYniEuoRAcKe4AD4MXnrMnmVZvwK4/5PR2qccLMZJ0=
sdk.js
connect.facebook.net/en_US/ 		300 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1ef0734f3fcb224b32a3391ddb082f5f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05512b3243270ffb35d8964b37293eb62b7ad4dcc79494555160eb37a690f8a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.onlinepc.ch/
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Feb 2023 11:45:03 GMT
content-md5
IVRrE1VgicuReXX62lE1Dw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87022
x-fb-rlafr
0
x-fb-debug
2MC3K5mc3WOyQ1/Y3PQhnlaTMwt/xDas79bB6l7hXIEcGY9RERhVqiP6nOS0JuWGTeBunu7Yl5Xia8UhOi85Tg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
c3f83d2580619c7f3b369157ace372a9
cross-origin-opener-policy
same-origin-allow-popups
etag
"21486dd0e2d3ac5d82dbbc2654dc6c18"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Feb 2024 10:01:34 GMT
pubads_impl_2023022102.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinepc.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 22 Feb 2023 15:05:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74372
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132325
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:18:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Feb 2024 15:05:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		92 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.onlinepc.ch
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23604d207127f6b1cb6b56f6a49b343f30dc1305e84db3f72e922008693b6d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:03 GMT
script.js
widgets.getsitecontrol.com/190585/ 		52 B
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.getsitecontrol.com/190585/script.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
br
cdn-edgestorageid
860
x-amz-request-id
NT2678TH7S6YE952
cdn-cachedat
02/22/2023 20:43:13
cdn-pullzone
44619
x-amz-id-2
r1MAzOOr5TB+O7stSeQzf2o70K7x5R64JTQ+27U9L5DJHv/R2tqBT3KYzGJJDkXFGlqhvhG1Y3BBtZ/nb/ewog==
last-modified
Sat, 08 May 2021 12:00:32 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"93f9ee5edf5c91b9205e916cb4d6ddc7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-requestid
2ae9b96d127a1e5bc85f0e4be4809a7f
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
internet
onlinepc-ssl.wemfbox.ch/cgi-bin/ivw/CP/ 		0
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Feb 2023 11:12:19 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1964
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Feb 2023 13:12:19 GMT
AnonymousPro-Regular.ttf
www.onlinepc.ch/static/fonts/Anonymous_Pro/ 		154 KB
155 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/Anonymous_Pro/AnonymousPro-Regular.ttf
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6a3502f45cd580a77e61ac5eec75a7ea699c27e295596806b514d3a04d89165b

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Tue, 20 Jun 2017 06:25:16 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"26980-5525e50968b00"
content-length
158080
content-type
font/ttf
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.onlinepc.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.onlinepc.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		795 B
959 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_Leaderboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C960x90%7C728x90%7C468x60&ifi=1&adks=3145639237&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie_enabled=1&abxe=1&dt=1677152703686&lmt=1677152703&dlt=1677152703360&idt=277&adxs=315&adys=55&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=970x0&msz=970x0&fws=4&ohw=1600&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dfdf868102c3fd3d0d63cb7076e38e485389ea096873f44a0a6ce1ae82dec5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
449
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B81 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:45:03 GMT
expires
Fri, 23 Feb 2024 11:45:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_Skyrechts&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600%7C300x600%7C300x1050&ifi=2&adks=3321520152&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie_enabled=1&abxe=1&dt=1677152703708&lmt=1677152703&dlt=1677152703360&idt=277&adxs=1320&adys=70&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=120x0&msz=120x0&fws=4&ohw=1600&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0ece19f34d050ad12d9ae4268b8f6ae6603207e0189b9b72d38ce2c7b762795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12797
x-xss-protection
0
google-lineitem-id
4979038978
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138263805427
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_Skylinks&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C160x600%7C300x600&ifi=3&adks=3249536413&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie_enabled=1&abxe=1&dt=1677152703716&lmt=1677152703&dlt=1677152703360&idt=277&adxs=160&adys=71&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=120x0&msz=120x0&fws=4&ohw=1600&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa95d7059d288444480c0a93416bab60c0263a5cf39762c564404749872e05d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9438
x-xss-protection
0
google-lineitem-id
4897124331
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254907588
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
OpenSans-Light.ttf
www.onlinepc.ch/static/fonts/OpenSans/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/OpenSans/OpenSans-Light.ttf
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2289b94b0f245d3078128fbdd2a5c59648ddd94ac1a7dd749b2375596ac8d562

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Fri, 18 Jan 2019 06:57:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"6bd4-57fb605954f80"
content-length
27604
content-type
font/ttf
/
tt.onthe.io/uniques/ 		33 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/uniques/?current=23&holding=6360bc465d234fd64f819d34a25bf7ff&hash_user=598b2d04d.30400843e_1677152703733
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/oLDUTwtgFj1C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:04 GMT
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
33
Expires
Thu, 01 Jan 1970 00:00:01 GMT
opc-logo-gross.png
www.onlinepc.ch/img/1/0/6/6/1/7/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/0/6/6/1/7/opc-logo-gross.png
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a2e448fdefe983611c04c00698403d210ee20e53f388f4446f15300fd5fcea5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 29 Dec 2021 16:52:06 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"2229-5d44bc2007980"
content-length
8745
content-type
image/png
fontawesome-webfont.woff2
www.onlinepc.ch/static/fonts/FontAwesome/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/FontAwesome/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Tue, 20 Jun 2017 06:25:17 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"118d8-5525e50a5cd40"
content-length
71896
content-type
font/woff2
OpenSans-Semibold.ttf
www.onlinepc.ch/static/fonts/OpenSans/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/OpenSans/OpenSans-Semibold.ttf
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
74461248f0a3edd43acbe67fbd98bb8bc6f26bb6b2e8b948c4757724717bde5c

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Fri, 18 Jan 2019 06:57:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"6b68-57fb605954f80"
content-length
27496
content-type
font/ttf
OpenSans-Bold.ttf
www.onlinepc.ch/static/fonts/OpenSans/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/OpenSans/OpenSans-Bold.ttf
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0782a52179d0e25f19c39b43253795b25787d65abdbd8bfa38be0f21a4512748

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Fri, 18 Jan 2019 06:57:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"6e20-57fb605954f80"
content-length
28192
content-type
font/ttf
OpenSans-Italic.ttf
www.onlinepc.ch/static/fonts/OpenSans/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/OpenSans/OpenSans-Italic.ttf
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5bb89190761d74983e9c9f7984657e05929702c0332f2ed5a5b4b6fd8ce067a4

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Fri, 18 Jan 2019 06:57:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"6220-57fb605954f80"
content-length
25120
content-type
font/ttf
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_Wideboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C940x250%7C994x250%7C728x90%7C940x90%7C940x300&ifi=4&adks=2838881479&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie_enabled=1&abxe=1&dt=1677152703761&lmt=1677152703&dlt=1677152703360&idt=277&adxs=315&adys=272&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=970x0&msz=970x0&fws=4&ohw=1600&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
354d430ec0c10e1f936f1b49e7330c05577194ff48af3e74ea82b87d6630a6cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9800
x-xss-protection
0
google-lineitem-id
4897124331
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254935412
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
OpenSans-LightItalic.ttf
www.onlinepc.ch/static/fonts/OpenSans/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/OpenSans/OpenSans-LightItalic.ttf
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7c49e7ed12bb0f16ebb5801e3f43d5fd20bb69a5b94f61dea1efebe37f6b53be

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Fri, 18 Jan 2019 06:57:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"6170-57fb605954f80"
content-length
24944
content-type
font/ttf
OpenSans-Regular.ttf
www.onlinepc.ch/static/fonts/OpenSans/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/OpenSans/OpenSans-Regular.ttf
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Fri, 18 Jan 2019 06:57:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"6778-57fb605954f80"
content-length
26488
content-type
font/ttf
AnonymousPro-Italic.ttf
www.onlinepc.ch/static/fonts/Anonymous_Pro/ 		141 KB
142 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.onlinepc.ch/static/fonts/Anonymous_Pro/AnonymousPro-Italic.ttf
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4edf8bccd2b5a6eac4427ca26047da43d47ea268483e7b06d4e870eff33f1123

Request headers

Referer
https://www.onlinepc.ch/static/serverside/css.php/opc-fonts.scss?timestamp=1644595648
Origin
https://www.onlinepc.ch
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Tue, 20 Jun 2017 06:25:16 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"23484-5525e50968b00"
content-length
144516
content-type
font/ttf
ads
securepubads.g.doubleclick.net/gampad/ 		584 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_Content&enc_prev_ius=%2F0%2F1&prev_iu_szs=600x300%7C300x250%7C336x280&ifi=5&adks=43290140&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie_enabled=1&abxe=1&dt=1677152703802&lmt=1677152703&dlt=1677152703360&idt=277&adxs=330&adys=2396&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=619x0&msz=619x0&fws=4&ohw=1600&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62decd6acca41ca95c6424e00f62f9955d4a1a1ab0696d73fba05eef988c19eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Vetterli-Markus-iWay-CEO_w300_h250.jpg
www.onlinepc.ch/img/1/7/0/0/7/8/3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/7/8/3/Vetterli-Markus-iWay-CEO_w300_h250.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f180cac1d519ddf64ea6f43c0f00d7eef60fa90ee9ecd6664f2e0f0c5ae82e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 22 Feb 2023 16:29:10 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"2097-5f54c6555e180"
content-length
8343
content-type
image/jpeg
twint_onlineshopping_de_w300_h250.jpg
www.onlinepc.ch/img/1/7/0/0/4/0/7/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/4/0/7/twint_onlineshopping_de_w300_h250.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
46e0e1da2207bbe6cd03d6f56eab64723dc872d00ad2b59f28994e0acb383d53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Tue, 21 Feb 2023 13:11:09 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"3acd-5f5358354d540"
content-length
15053
content-type
image/jpeg
FraunhoferQuantID_w300_h250.jpg
www.onlinepc.ch/img/1/7/0/0/4/9/6/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/4/9/6/FraunhoferQuantID_w300_h250.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
afe9372ec3e19170c0cf096cc7dbb08dc0bdd348aaa90e70f4f49d43f3a65c31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Tue, 21 Feb 2023 19:46:02 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"2d62-5f53b078b5280"
content-length
11618
content-type
image/jpeg
Bildschirmfoto_2023-02-20_um_10.55.05_w300_h250.jpg
www.onlinepc.ch/img/1/7/0/0/4/2/3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/4/2/3/Bildschirmfoto_2023-02-20_um_10.55.05_w300_h250.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5dcac0dfeb8ab048f8021531edaaf36ecb0a881dc0bd7ba88a15c85019a65b73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Tue, 21 Feb 2023 13:19:49 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a2a-5f535a2536740"
content-length
6698
content-type
image/jpeg
ads
securepubads.g.doubleclick.net/gampad/ 		553 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_Content2&enc_prev_ius=%2F0%2F1&prev_iu_szs=600x300%7C300x250%7C336x280&ifi=6&adks=2194113323&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie_enabled=1&abxe=1&dt=1677152703850&lmt=1677152703&dlt=1677152703360&idt=277&adxs=330&adys=3101&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=619x0&msz=619x0&fws=4&ohw=1600&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f35d82c36940b3e266b727d736ade6f815e8ae991bf4cceae7f33c3cad0c837a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
nmgz_cs.js
images.intellitxt.com/ast/js/PID_20526/ 		689 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.intellitxt.com/ast/js/PID_20526/nmgz_cs.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcf7f04d906c56a68263fc6bb670d2cd427a6bfeed6e7d7f39d09a7e85644496

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 04:27:08 GMT
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Mon, 10 Feb 2020 09:29:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
201328
etag
"2fa5f444704c8acd370b7c78f51a6b63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
689
x-amz-cf-id
GaFly9AG-61sh-VQR_WMfTFCaISSNgK2S7ihiUUgdKZPGoB8Pwk1HQ==
ads
securepubads.g.doubleclick.net/gampad/ 		549 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_MPU1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=7&adks=2401145336&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie_enabled=1&abxe=1&dt=1677152703858&lmt=1677152703&dlt=1677152703360&idt=277&adxs=970&adys=292&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddc8e721a8d1bc70e6be80f2439d0df0f16d8d2a0021bb6c0467a46a2ff71d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
283
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		551 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_MiniAd1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x140&ifi=8&adks=4212805186&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie_enabled=1&abxe=1&dt=1677152703868&lmt=1677152703&dlt=1677152703360&idt=277&adxs=970&adys=312&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e553520f6bdde8f4edfd998cce3583a4d4999de51e9b24208116b84b1a20fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
282
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
opc-newsletter.png
www.onlinepc.ch/static/images/opc/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/static/images/opc/opc-newsletter.png
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/static/serverside/css.php/opc.scss?timestamp=1644595648
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6816996e2b893f613c4e559569fef68d6e04597871446f3f2e42f80ba58c3765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/static/serverside/css.php/opc.scss?timestamp=1644595648
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Thu, 26 Apr 2018 21:16:00 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"2d21-56ac6e4e78400"
content-length
11553
content-type
image/png
OPPO_Find_N2_Flip_triple_black_purple_w67_h56.jpg
www.onlinepc.ch/img/1/6/9/9/4/7/8/ 		923 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/6/9/9/4/7/8/OPPO_Find_N2_Flip_triple_black_purple_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
25aaad467cdcdd392c18289996c11934f2f75ad69cd6dbb445c3d0d27da469d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 15 Feb 2023 21:20:32 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"39b-5f4c3a6746800"
content-length
923
content-type
image/jpeg
Changelog_w67_h56.jpg
www.onlinepc.ch/img/1/6/9/9/5/9/6/ 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/6/9/9/5/9/6/Changelog_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
78e28273ea4d562d76e1af653c76f12e919bb7e2062c372e8e8008dafd4bf8de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Thu, 16 Feb 2023 10:44:45 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"3a2-5f4cee28ec140"
content-length
930
content-type
image/jpeg
phishing-3390518_1920_w67_h56.jpg
www.onlinepc.ch/img/1/7/0/0/1/2/5/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/1/2/5/phishing-3390518_1920_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d09f84c34ab4d374f53db08a7081622db98d8b6a287598d8a0fe577ff9277fc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Mon, 20 Feb 2023 10:54:30 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"499-5f51f7ccaa580"
content-length
1177
content-type
image/jpeg
20160420WordDatumSerienbriefTeas_w67_h56.jpg
www.onlinepc.ch/img/9/8/4/3/3/6/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/9/8/4/3/3/6/20160420WordDatumSerienbriefTeas_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
848e123a2428512f3fad3be4d8a358fc01962f4913f35607db6513acfa04073a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 29 Dec 2021 17:10:25 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"789-5d44c0381e240"
content-length
1929
content-type
image/jpeg
FTTS_FTTC_FTTB_FTTH_Prinzip_web_w67_h56.jpg
www.onlinepc.ch/img/1/6/9/8/9/9/5/ 		892 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/6/9/8/9/9/5/FTTS_FTTC_FTTB_FTTH_Prinzip_web_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a99083f6af7e983130c6040b095527906ed69db5bb7ed29bd5476ec7612906cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Mon, 13 Feb 2023 21:01:11 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"37c-5f49b259233c0"
content-length
892
content-type
image/jpeg
Handy_googeln_w67_h56.jpg
www.onlinepc.ch/img/9/6/3/0/2/5/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/9/6/3/0/2/5/Handy_googeln_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7e562d1a87f2d91f6e06f6f1361d282f934370dab3e5984b9daf04b37d9253d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 29 Dec 2021 14:10:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"917-5d4498162f300"
content-length
2327
content-type
image/jpeg
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1469000496&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&ul=en-us&de=UTF-8&dt=Fake-Website%20der%20AHV%20will%20Kreditkartendaten%20-%20onlinepc.ch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1124935860&gjid=382984444&cid=59556593.1677152704&tid=UA-28032870-1&_gid=796581085.1677152704&_r=1&_slc=1&cd1=inactive&cm1=0&z=1276748913
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinepc.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
d3d3Lm9ubGluZXBjLmNo
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm9ubGluZXBjLmNo
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:04 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=14001
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
fe0025188b80df727f1a95ff09a24ee3
Content-Length
16
Expires
Thu, 23 Feb 2023 15:38:25 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Sat, 25 Mar 2023 11:45:03 GMT
date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
Packshot-MS-DOS-6-22-493x370-4d5a17fd69b3c13d_w67_h56.jpg
www.onlinepc.ch/img/1/6/9/9/1/1/0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/6/9/9/1/1/0/Packshot-MS-DOS-6-22-493x370-4d5a17fd69b3c13d_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2425c78aad6b94782694a0e7d68d09a11cf06bdd7d1481c1ea7dfbd00e4e9171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Tue, 14 Feb 2023 10:44:13 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"6df-5f4a6a4f7b940"
content-length
1759
content-type
image/jpeg
IKEA_VINDSTYRKA_PE882694-82b51d65-potm-desktop_w67_h56.jpg
www.onlinepc.ch/img/1/6/9/9/5/8/7/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/6/9/9/5/8/7/IKEA_VINDSTYRKA_PE882694-82b51d65-potm-desktop_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
950fd46d2bc2bcd090e764e0c17e43c2704caff2d3cb626d7f08eca854e7c19a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Thu, 16 Feb 2023 10:51:22 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"560-5f4cefa387e80"
content-length
1376
content-type
image/jpeg
iPhone_X_Teaser_w67_h56.jpg
www.onlinepc.ch/img/9/8/6/6/0/1/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/9/8/6/6/0/1/iPhone_X_Teaser_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0960280b6290ce6f7efc642d34e8fa7e6e3d297ff0c2199ccb4a594269275b27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Wed, 29 Dec 2021 13:35:57 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"77a-5d4490483c940"
content-length
1914
content-type
image/jpeg
TELKO_w67_h56.jpg
www.onlinepc.ch/img/1/6/9/9/9/7/2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/6/9/9/9/7/2/TELKO_w67_h56.jpg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
19692a61dcf1339eb382161e3b77b69a2987d652e202a16ee929eadeab190be1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
last-modified
Sun, 19 Feb 2023 19:06:52 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"536-5f5123fca6b00"
content-length
1334
content-type
image/jpeg
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.onlinepc.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.onlinepc.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		329 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_MiniAd2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x140&ifi=9&adks=1473151802&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie=ID%3D4a2439012ab9d2f1%3AT%3D1677152703%3AS%3DALNI_MbFuON-niYqJsOZIJS9_EgXr07EvQ&gpic=UID%3D00000bbb09587311%3AT%3D1677152703%3ART%3D1677152703%3AS%3DALNI_Mb1puwCWpqREm2JTOKOOuvJU8OS_A&abxe=1&dt=1677152703967&lmt=1677152703&dlt=1677152703360&idt=277&adxs=970&adys=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AD37Y7uGmguu-rBLIJdnxHEVabf5rD2_yL05q3LEa77KfO5-pyVHEA&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91e5a0a7c3792065844c3a20b2ca8cf782439b8cc526c9f99f785b679288768a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_MPU2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=10&adks=2008573479&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie=ID%3D4a2439012ab9d2f1%3AT%3D1677152703%3AS%3DALNI_MbFuON-niYqJsOZIJS9_EgXr07EvQ&gpic=UID%3D00000bbb09587311%3AT%3D1677152703%3ART%3D1677152703%3AS%3DALNI_Mb1puwCWpqREm2JTOKOOuvJU8OS_A&abxe=1&dt=1677152703979&lmt=1677152703&dlt=1677152703360&idt=277&adxs=970&adys=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AD37Y7uGmguu-rBLIJdnxHEVabf5rD2_yL05q3LEa77KfO5-pyVHEA&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7980b26081745422d7913a06f939c1a2e4ccf1732eafac2e0ab903c9bc8a7d06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12706
x-xss-protection
0
google-lineitem-id
4897265500
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254971955
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_MPU3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&ifi=11&adks=244544352&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie=ID%3D4a2439012ab9d2f1%3AT%3D1677152703%3AS%3DALNI_MbFuON-niYqJsOZIJS9_EgXr07EvQ&gpic=UID%3D00000bbb09587311%3AT%3D1677152703%3ART%3D1677152703%3AS%3DALNI_Mb1puwCWpqREm2JTOKOOuvJU8OS_A&abxe=1&dt=1677152703987&lmt=1677152703&dlt=1677152703360&idt=277&adxs=970&adys=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AD37Y7uGmguu-rBLIJdnxHEVabf5rD2_yL05q3LEa77KfO5-pyVHEA&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a72a5cf4f07413230cea927558111132bf84b2b51b51df62cd182cc53fb4d61a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12684
x-xss-protection
0
google-lineitem-id
4602537324
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138227346023
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		329 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_MiniAd3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x140&ifi=12&adks=2194918816&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie=ID%3D4a2439012ab9d2f1%3AT%3D1677152703%3AS%3DALNI_MbFuON-niYqJsOZIJS9_EgXr07EvQ&gpic=UID%3D00000bbb09587311%3AT%3D1677152703%3ART%3D1677152703%3AS%3DALNI_Mb1puwCWpqREm2JTOKOOuvJU8OS_A&abxe=1&dt=1677152704001&lmt=1677152704&dlt=1677152703360&idt=277&adxs=970&adys=1344&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AD37Y7uGmguu-rBLIJdnxHEVabf5rD2_yL05q3LEa77KfO5-pyVHEA&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a6fe34be8aedc6af3845f58ceb3771cf294ce86ee852cd787356a853b5963e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F9B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthjCJ0JK9yqSYw2j0iXmJY4OeJpXeEhCJzOqy4MnjS3NdFBlOxAVqgjBnN96daT09-4VYk9K63aC4LXBTklLgrvNc0sdUNWvUXUJ2fjduFhmw5xD-L4tBo2V-qHsimTmKA87xdf8cMeDsZI0wR_0xu5s2Qq76MdIG2M02CyLH-IDst4kUH6CSpWgh7b_kV6HP5cEXeP70JC5cKzu7icXyTkVKYu2D_Fn52hcBh_zxQi2W5AvYfUMGv_YOwyOV7UCfwJ3QX2p9NvNEPiXTTv4agPgLuLWTcQUInKBYvv3CfwlSej8JvERi21jUCspde8y0He87U2tXSPpHMeXXYJw&sai=AMfl-YQfhyeI7J-M0Xfgt8p50zFPksIC_X0WWAmHikToFo3ZTr6fQ4s7qj-xvMVSI3J8UNk-9ax1QcD8zaT1vRkDyHJOcR00OgxM5jHEpJcyEiePVPzQFdCbshk9EmWVqvJfsDNr13Kx7XRNjP7mrpGU&sig=Cg0ArKJSzECrvhJjsH9kEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame F9B6 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 20:08:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F9B6 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:45:04 GMT
10056872245911694329
tpc.googlesyndication.com/simgad/ Frame F9B6 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10056872245911694329
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d33e3cdb43e5161aa88e911d45d5206b1f0b5cb5840dcfe262e5fa92504ec07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 06:30:46 GMT
x-content-type-options
nosniff
age
18858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48253
x-xss-protection
0
last-modified
Wed, 06 Mar 2019 10:21:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 06:30:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A50C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssafSFZrOPTi0Kf2vjQ2Ivzg2neE7iit9LjGMx1E1u2Y803-mz78Ao_dCVdh6bFGETPAsts5M7SVA6F_Fl7hXBu1cb1mM7FU5S9dIzd7asE0KXGQR1Td4PCGbGgpndAZe3kuJ4DpUutPZJBr2_kv0feDkU2or0fariRy4pqwUr-Q9P0ZIGc_knlP72N_tnD4TVc0EjeVyOM6Nnx3pkL92esPBXVhrUgzAVCpXGd2iP-6pE4ky6bq3i-jTmCt2_6lriN2-k-1aPGafPJPLXt-LcpVajcqw_J-RRg5yGvVtPFY2cAxZFXmeUqMdJ_56x-KBXb3c2Llo_pFO93k7Ou&sai=AMfl-YTFiCuV_-CFTzZ3pYYzeSzM_8DiLgwIcDjbIqWGvizY4Ke_dhu5CgP6pHWDnSeGHLXIkUgnzchhpA1XeYRrpVRq66GNWwtRXcjDdrMbgNfcp2IrXZDYSflhh2RLnzlKzrknzzVMajWQOen1lAx5&sig=Cg0ArKJSzC9DoyaGf-u4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:04 GMT
ad-tag.js
adnz.co/ Frame A50C 		79 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adnz.co/ad-tag.js?tagId=ee98dc33-2999-4f79-84b3-895596089fdc&ts=1863207956
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d5a7cc696cc787ac4e83b82730b8a1a3bd961c29a2d13f52d224b8e3103d5b0e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4WXrvt7gw%2FP6QNnn2mPr%2B0XCDG3RFMzY%2Fipy44A4xFbZ9gRRDMFJUGBesbKu9ZwJciQyxmOyvKJ%2B5N0IObtfQSOD5dl8B06bc9GIQmG11a4q%2FgVmtdcn6siOgBnHA7SZ0LGgTk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
79dfb690cf742c5f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A50C 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:45:04 GMT
container.html
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2A1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:45:03 GMT
expires
Fri, 23 Feb 2024 11:45:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		326 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681621976889299&correlator=1062550628688452&eid=31072020%2C31072028%2C31072517%2C31072624&output=ldjh&gdfp_req=1&vrg=2023022102&ptt=17&impl=fif&iu_parts=21615746714%2COPC_D_Artikel_OoP&enc_prev_ius=%2F0%2F1&prev_iu_szs=400x400%7C300x250%7C1x1&ifi=13&adks=156902172&sfv=1-0-40&cust_params=URL%3D%252Finternet%252Fsicherheit%252Ffake-website-ahv-kr%26CATEGORY%3DInternet%26TAGS%3DSicherheit%252CSchweiz&sc=1&cookie=ID%3D3c0add707058747a%3AT%3D1677152703%3AS%3DALNI_Mb4dRVK0_hjzExxGXotKUECCuIrPg&gpic=UID%3D00000bbb0a1dab65%3AT%3D1677152703%3ART%3D1677152703%3AS%3DALNI_Mb8JrEhTQS4qPmRF-3r3uQ8aQwLTw&abxe=1&dt=1677152704081&lmt=1677152704&dlt=1677152703360&idt=277&adxs=600&adys=4527&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AD37Y7uGmguu-rBLIJdnxHEVabf5rD2_yL05q3LEa77KfO5-pyVHEA%2CAD37Y7uICcumgUm8JFR9XKepsfo9Av9aBKfUEFoYT1_uhz9vvDw9p9-fOJsciBAfJ2ooEw1ADPAaAIgdFJCaU0lOQg%2CAD37Y7tBnePS5T78m7KG8avfFMEYkH3jdOEI5yXygPyAJmgCf_Q1C-7MMIJfJyKC8yJv5neeAOlo3BPtcJFTSiZrTw%2CAD37Y7sI7t6NFZIRo8N6c6IECx4CZB5Yq1OouKCQVXagQvsvz_W2NnUQ7asFxc_2h30ZYZDiVXsscYWsMGSREF-7sw&ga_vid=59556593.1677152704&ga_sid=1677152704&ga_hid=1469000496&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ab347aba2bf89f1539fe9955ff85b7c7c98a3f3c9d3a5c288532104a72ebb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
js.srvtrck.com/v1/ 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.srvtrck.com/v1/js?api_key=87e36c1e9cd662d5ec3aa45fe0d2a1ee&site_id=da052b551cc54f92b4459bc211dcbb54
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05de4162e6f9e62152d9f1d28e0dcaf05bf73cadd468867c179fe6f02979d34b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 14:32:04 GMT
server
cloudflare
age
76313
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
p3p
CP="CAO PSA OUR"
cache-control
public, max-age=86400
cf-ray
79dfb690d81237f7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 24 Feb 2023 11:45:04 GMT
truncated
/ Frame F9B6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3acdcd78319f96c517838464e5e5ea8a2c2450c288f15193f82965cc2a8541ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
teads-format.min.js
a.teads.tv/media/format/v3/ 		596 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/90032/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
890d2445f0a2caf29cf055260df394568f3e6db3fa4b4c87481220420dccf8a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
last-modified
Wed, 22 Feb 2023 15:07:44 GMT
x-amz-request-id
49X08MVM38ZQQJD8
etag
"d3042400db308ce8123b0aec94fb2cda"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
c
accept-ranges
bytes
content-length
133231
x-amz-id-2
+KOuWjGUp59QFk+cQrR7ippL4q5+FFVfQgZfG2En6Ym7jvtZua7d+d3rr9/aJL4voUNmqcADtqE=
expires
Thu, 23 Feb 2023 12:15:04 GMT
get
odb.outbrain.com/utils/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&idx=0&rand=43332&key=NANOWDGT01&widgetJSId=SF_1&va=true&et=true&format=html&adblck=false&abwl=false&px=330&py=2816&vpd=1616&cw=620&activeTab=true&ab=0&wl=0&obRecsAbtestVars=1174:3820&settings=true&recs=true&version=2010189&sig=AhHw6ZQ7&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72f0e247d50e9e97c2a112df8121a8d0ba1ddfe40212fd43228c8b7d3553de1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-timer
S1677152704.147712,VS0,VE195
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21970-LGA, cache-fra-eddf8230034-FRA
x-traceid
47b363cebdcae9a0c4781834ff252902
accept-ranges
bytes
content-length
2963
expires
Thu, 01 Jan 1970 00:00:00 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-152.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=58323
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
fpc
at.teads.tv/ 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_16801&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:04 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.onlinepc.ch
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 23 Feb 2023 11:45:04 GMT
embed.js
onlinepc.disqus.com/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onlinepc.disqus.com/embed.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
2d3070eab0ce8f9c67b132be48b896e97135fe9e881aba5064baa2cc5e8588e6
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:04 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
0
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25637
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-555c601305acbe13/ 		198 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-555c601305acbe13/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
023293746b599197936dc1c12fabc1f310c697a4cb330d3eea652468b9c322e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
etag
-1075060170
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=8, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
173
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=63f751c058d5b55b&bkl=0&bl=1&pdt=253&sid=63f751c058d5b55b&pub=ra-555c601305acbe13&rev=v8.28.8-wp&ln=de&pc=men&cb=0&ab=-&dp=www.pctipp.ch&fp=news%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1677152704177&jsl=129&uvs=63f751c0a4235a47000&skipb=1&callback=addthis.cbs.jsonp__76114553615204180
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9d47b67180b8ba638f81b41f51e77b970860ca5a6a86055a392c77f0a3ac71dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:04 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 08A9 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 66F6 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Thu, 23 Feb 2023 11:45:04 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
client.de.min.json
s7.addthis.com/l10n/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/l10n/client.de.min.json
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-114.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
14884600e50a1b1674027761700ee08ef921fc9fed8e76945e73b5ff9b69b34e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Thu, 23 Feb 2023 11:45:04 GMT
last-modified
Tue, 10 Sep 2019 15:15:17 GMT
server
nginx/1.15.8
etag
W/"5d77be05-df3"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, s-maxage=604800
x-host
s7.addthis.com
timing-allow-origin
*
content-length
1751
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-28032870-1&cid=59556593.1677152704&jid=1124935860&gjid=382984444&_gid=796581085.1677152704&_u=YAhAAEAAAAAAACAAI~&z=837212104
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.onlinepc.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
front.asp
k.intellitxt.com/intellitxt/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k.intellitxt.com/intellitxt/front.asp?ipid=91850
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/ast/js/PID_20526/nmgz_cs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.182.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-182-101.compute-1.amazonaws.com
Software
/ Kormorant
Resource Hash
4bc8764e5970ae09d2e44535e34c70b69ab9046004024182363f0dc4563aa92e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:04 GMT
x-powered-by
Kormorant
vary
*
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
content-length
2025
expires
Fri, 08 Jan 2016 00:00:00 GMT
formats.js
ad.lkqd.net/vpaid/ Frame CC9C 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1677152704.cds258.fr8.hn,1677152704.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame B2A2 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1677152704.cds258.fr8.hn,1677152704.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:04 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1677152704515066-550
Expires
Thu, 23 Feb 2023 11:45:04 GMT
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=67157373.702299011261973607.49676624
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=67157373.702299011261973607.49676624
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D0accbe7a-1bb8-4173-a569-36cabf0998c...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=f26263f7-51c0-4500-819d-04b3237daec0&expires=30&ssp=vidoomy&bsw_param=0accbe7a-1bb8-4173-a569-36cabf0998ca&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0accbe7a-1bb8-4173-a569-36cabf0998ca
43 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0accbe7a-1bb8-4173-a569-36cabf0998ca
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Server
52.59.131.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-131-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=0accbe7a-1bb8-4173-a569-36cabf0998ca
date
Thu, 23 Feb 2023 11:45:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E2A1 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
URL: https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:11:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
23593
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Feb 2024 05:11:51 GMT
ad-tag.js
adnz.co/ Frame E2A1 		79 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adnz.co/ad-tag.js?tagId=7a1156e8-3cb0-4a5b-ab42-f70dbef590c9&ts=152021379
Requested by
Host: ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
URL: https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d7fe52725ee90b6c03583a1f2bfb702392fe73adb6c86e7e4760ae7c74f2e662
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XArgwsSVy0pQDRMtbhV%2Bi8vid4idzz5nu%2BlkXeXyrI58r8ZObibkOJsUkk8Nj1kLxenDeMSZZv4tXzE%2FsoSjlOAlQqpXXXoTx2X2ZCa2K6vnHMo914HHao1B%2BOqfVq9wPARRu%2Fo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
79dfb691685a2c5f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E2A1 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
URL: https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:45:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F9B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9m42Hs8gePn-nKnkMpGVovUm_B-X2yATkfZVJUiPz8kgAASlUEjxd6Tm7q7BXDBQ67IFpKucBII3DBMg9Pk89RbVfO8fYwOiRhQ0SssJ6iEW-VfzTzD1JVGtUJx6iMQYAj1bFD76SdsdmRpR8b3n-AEHNgaoiaDdA-J0BAyV5gYaFQnXEz6MJquDkqKVCRxK5RQKVhCm2RgoSJiPoYhRN9hWCykfOQrQqs3sqXgPnyg_PNZjEqlgCOiY8Jb09vbG60NJrFP6tnqIN26GYkFoPjUe4a9PpMka8Rx9kiDg709lwQqPG62oUps2MPpZP6Nj4-5uYv-7QDHBfXlco9c6l&sai=AMfl-YSRXVHftCf001ufjwm-h1PazZ5-4JUk80OYurX59ZuFr5cEBBIVpQK04i48M3_sHcZKfjGwgrv-az_bHPcIJWBxwrCQddjwnGvOpkA5XBL-_uH6MFcCPPlv027ZTIKpxMVlD96ojVpJ45m6OFlB&sig=Cg0ArKJSzH772tW_CMMyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:04 GMT
publisher.js
adnz.co/dmp/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adnz.co/dmp/publisher.js
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=ee98dc33-2999-4f79-84b3-895596089fdc&ts=1863207956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5599c90089f624e931b62e736d3d8d5026e3303b92e76fb17d0030c8b905c2ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx000008fad54d5ba862521-0063f338f5-10d01bd-default
age
1979
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Feb 2023 13:12:16 GMT
server
cloudflare
etag
W/"3e1c9b1599a628b70eed6af1c8013e6e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vN9DV8fVkOZpYzgjXhGdEPWXbiWfY%2FQnkgEoBlDjnaEe5ZJ1SBPY78lBlPQBeGjhBnWCJnWNhaj8SD%2FnOUs3pq5vIjLJczPzdY04%2B1RoGwwxRxBIdm24gWdEcPhgfyBt6%2F9Gx%2Fw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
79dfb691b91b9a2d-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
v3
ib.adnxs.com/ut/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,pragma,x-is-test
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

AN-X-Request-Uuid
3db3bea1-856b-4435-bfa2-cabffe61b14b
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
cache-control,content-type,pragma,x-is-test
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
https://www.onlinepc.ch
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Feb 2023 11:45:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 082A 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=ee98dc33-2999-4f79-84b3-895596089fdc&ts=1863207956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b58adfc8c469954318cf589569676e6affe4a2813307810803e4c361d0454427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26491
x-xss-protection
0
server
sffe
etag
"1491 / 800 of 1000 / last-modified: 1677107120"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 11:45:04 GMT
v3
ib.adnxs.com/ut/ Frame A50C 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=ee98dc33-2999-4f79-84b3-895596089fdc&ts=1863207956
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7c0f42ef8bd048760af925d3e49a45f9d2c37493ad339388579b325aca098e8b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

pragma
no-cache
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
cache-control
no-cache
Referer
https://www.onlinepc.ch/
X-Is-Test
0

Response headers

Date
Thu, 23 Feb 2023 11:45:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f9c31e87-678c-4483-9eb0-19508ab58cab
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.onlinepc.ch
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame A50C 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e11ff4994eb834c21f0fdc5d36cf8f570938db856c84e28febd1598b54b84cfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame A50C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGAwO76eAnKQStXCev7MxX56xCN6ZsGkq_ezqIJO4YI7xLaJh2pYvTYltkHY2M-Ol1TiB-uVbV0rVSLsJmo2sb7-7tU9pqJRhZmTUMhvFq1MhEPRcrrEeH1DQR7XwSB_d44DNQlHfjoM5fsxGwmQHiI5XUt7mHCKcb1dpZKI0iMeZq58gCwIPsOtPnlJqVodbF2gJrIo7F8o4Ipvg_wzLtZMdXRwQx3RbW5XXfctrwhLrwNj8JDiNtH4BUow57XwRp6yoMDEX0LlsBNDnso7A-qCf_VeKFFQQiAxwllg-RnkXQO0LM8thjVje7uySDK2jCjjIYLNNEE_2Nrtujep0&sai=AMfl-YRptCPXGuB0SkNdRb8SwzqyjsRAOpy46faGbKfW2tAWDJ9DprwZtqY8Gtq9oTOniiz9cTmMDmYBh8DtVnDcdEmjgyECfZvpKVWgh84x_OyM84JzjeIRXq__zMc86aqyOQdduWL5XSzWF5kdSn91&sig=Cg0ArKJSzB4aDibUPj6jEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:04 GMT
hjdebh67699dwnjldw00.js
dnlgm0m0r44nl.cloudfront.net/abp/ 		20 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dnlgm0m0r44nl.cloudfront.net/abp/hjdebh67699dwnjldw00.js
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=87e36c1e9cd662d5ec3aa45fe0d2a1ee&site_id=da052b551cc54f92b4459bc211dcbb54
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 05:17:25 GMT
Via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 Nov 2014 16:56:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
23260
ETag
"1db728e2d3216682f555d0c1e5b1127c"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20
X-Amz-Cf-Id
_uovp4KNRAmT4W1iqLNSHU3MubJOssHLPDRr4X7unf8jTiwcLVmfkQ==
view
securepubads.g.doubleclick.net/pcs/ Frame A436 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmm9M7nZfrWxnwOB2SgN19DhIzNlgJK3x-8wC4i9Mjag0jGtK3TgxizFpCMjD4YLasPxzdwO7jfE-PGes9UzG3MazKdOBYoN1I5D9tY5UIgFX9wGN-vdCcWqfkCc6tapskCLje_c7kRjeO6Er0sB592YxIBuD_yrfInygbzrpz2ZbGXeN17Jx5MxanAmxkTznwVT5JdQ3f4JnAgZYUAf5Mww48uHIO2XGl3GT16oFcHk0IdTZChFApAxyEiN6ouyvFqgAE5Hg3G-Yx9UdEmRbxzLeJmbKzJ0n4ey6BlwlvTiy3-75gAJr7jCL278uP1qOoM25NlIsi09s&sai=AMfl-YQDS9M3CoEazI5YuD5CvTNYQiTqzhXrHwfqhzSi1c4UhilfqVh_3fvfWBGkCFhP7Gf6ss8Q7FoNNJ6Cbz0Yn-P0pENCwcdI6h0NOQfJY7JBAW13NDPFlIwRPl89Tw&sig=Cg0ArKJSzFZu3BQWje_6EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame A436 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 20:08:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A436 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:45:04 GMT
4600244153708025467
tpc.googlesyndication.com/simgad/ Frame A436 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4600244153708025467
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a226a94f169eabff113e070c5638dd8ac7697830a89ddc38cdd78a5c1a9e5ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 13:29:12 GMT
x-content-type-options
nosniff
age
80152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46021
x-xss-protection
0
last-modified
Thu, 20 Dec 2018 14:53:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 22 Feb 2024 13:29:12 GMT
l
www.google.com/ads/measurement/ Frame A436 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGA19VocoAsNMWMjoovwARus3SdRspaj9_Alsr5RpnJa3ps75mUibreIzzprLRparB3sP0X5UzPAOwssaMRQjjo6LWXg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=b7c44190-0d04-4938-acf3-c87f460d177a&pageId=90032&pid=97468&debug_metadata=4bbFASNb1f&fv=1146&ts=1677152704557&f=1&referer=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=b7c44190-0d04-4938-acf3-c87f460d177a&pageId=90032&pid=97468&slot=native&fv=1146&ts=1677152704567&f=1&referer=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-56.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Thu, 23 Feb 2023 11:45:04 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
truncated
/ Frame A436 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae12ea01455d3d812da0b713afbe3d129cfb9e890e2525fdadaa06208ec3bb05

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0753 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssi6WXs_eeLma8KUipXAhJAbSEEBMOXnjko8lN3oWztTa1BLSlYbP3S9dA_1lxEgDpgWb4U2z4IJg6iHm8HdZXteLGNVGSvX8DyljhrCPlRi73Py9QGo8QaRBYQSmH6UWsb7jazYCVRniYU1pI9bWGM8SG6T5XIQrTvoeqAhY9UOjYBwm6QHY9nnDnn3JQXvuSjqpSdFzY3JO2VfSsx_c-kS2AmhvGQOiIbL3gW3wZXHOKGHJTkkYoL8VH3v_cmmoxjS-6IE_MzjeW8QAFMMxJ8y0gzKzeGBPuuMG4ZyJkyq2UnT71_cmISu0xDfCw3tFqpVF6G2IZFq4A&sai=AMfl-YTLJYUhQsaTIU1l9mJTavXaWZpPEFZn62SPoWSYQVH_DPmiZ2QhYvQvP1jqbq6HHYvS2IM1mCaC2NKY7ewTpkyh-rRAP76Nt3t1B-sbvTJjJgb-8kVqlZ6Gwi4vZA&sig=Cg0ArKJSzMo-Owp7tp2uEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/ Frame 0753 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230221/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 22 Feb 2023 20:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
56203
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Mar 2023 20:08:21 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0753 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49018
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676996822105882"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:45:04 GMT
5979506729878892681
tpc.googlesyndication.com/simgad/ Frame 0753 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5979506729878892681
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f07bf754fbb69653c3c8a65cac3b0205421acff8cd7902e169fca07ffd5c7517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 09:55:44 GMT
x-content-type-options
nosniff
age
6560
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95903
x-xss-protection
0
last-modified
Fri, 09 Mar 2018 08:52:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 23 Feb 2024 09:55:44 GMT
l
www.google.com/ads/measurement/ Frame 0753 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaROYGSUUANdXtZ2wWK2FSVgLcKqtNhrT06Uu9IMHHmkVfuCqK8B8iPjuzZrv6L0vFgNoW-HN7-Y2ZuPxuvBW33nqJXnpw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
/
tt.onthe.io/ 		0
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=28225:uniques_holding&s=c87b9d010dbc36f1c2f824e707e8cb2d&_v=1&__io=598b2d04d.30400843e_1677152703733&1677152704599
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/oLDUTwtgFj1C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:04 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E2A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJ2N3SVCP5aTppJPtOfyRyDNeClOoTWIzPASKnEHAs9ZYMhcJA1zLnOBi0jENCUE8scBsGlR4n-lUgyGUeGC1tyBdgCKnzR35KxIcSb9vPP58_dXUMTiEjY4iQVHrBF9HGspYFdDTvrsl15FxxBFawNsMZLuqLW68N-79UBGRZZhqYUMur8xiRFi39iqcTMtgF35nMDt5RfZEAzgMEi0YNUcVN8lR57v9ZIz5hqaEolFZQjV9DvE6o-1ozgs16PCg0jv4rwLXFoZKAaZHKu_0SDyxBAvrvm0sGcsgNk5_EGoGbpy5qI6rkxtiXFJOR4p3Bie5WK7MR4dkG8-v_-Q&sai=AMfl-YRZjy0JLGXUP5J_ZJS48PUWnntc0EFAlDkbd6gragoOAzGYPFfHu3PUrxDB9LqAl1vGDHKEvZKNeRCrUfwnwd3FkD76qbpnf9o__bYGJV-G4ZAEWS9X2yCKnqpv2ncG7Kc2F02u0oLviFhM9oU&sig=Cg0ArKJSzA9359LPj1U8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
URL: https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ad
a.teads.tv/page/90032/ 		538 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/90032/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&auctid=b7c44190-0d04-4938-acf3-c87f460d177a&formatVersion=1146&env=js-web&netBw=10&ttfb=129
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d543bebac225aada07ce7e39ad3027d47d7d158a57867d826998e58c8591736e

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.onlinepc.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
368
expires
Thu, 23 Feb 2023 11:45:04 GMT
truncated
/ Frame 0753 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7e836296db02afbb8a92958babed03e9bccfee2463ca07f5c365ed2f2acae0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
usync.html
ad.lkqd.net/cookie-sync/ Frame F831 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 23 Feb 2023 11:45:04 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1677152704.cds258.fr8.hn,1677152704.cds288.fr8.c
ad
v.lkqd.net/ Frame CC9C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1138444&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60390%2C1%2C&c4=true&c5=&c6=60390&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=6486989&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
ff002f929ce2e6c925b18bdc1de8cdfb2894f77a1e48cf4fc318f0ddb7efe63c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1472
usync.html
ad.lkqd.net/cookie-sync/ Frame 75CD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 23 Feb 2023 11:45:04 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1677152704.cds258.fr8.hn,1677152704.cds288.fr8.c
ad
v.lkqd.net/ Frame B2A2 		180 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1138446&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60390%2C1%2C&c4=true&c5=&c6=60390&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=8828478&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
publisher.js
adnz.co/dmp/ Frame E2A1 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adnz.co/dmp/publisher.js
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=7a1156e8-3cb0-4a5b-ab42-f70dbef590c9&ts=152021379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5599c90089f624e931b62e736d3d8d5026e3303b92e76fb17d0030c8b905c2ef
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx000008fad54d5ba862521-0063f338f5-10d01bd-default
age
1979
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Feb 2023 13:12:16 GMT
server
cloudflare
etag
W/"3e1c9b1599a628b70eed6af1c8013e6e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjr5cNqXguLWBfmvCbsZe%2FrUfb017ZED9XARYwdqm0jNPFc7RjtyUklpRWSQWaPyYtDfl06xoL91VEt9CjXcbgpS5Ye0zzkv15KhcoAEDyAEuwF8EcDfYio08orvcLuoRFKrsXs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
79dfb6943c4b9a2d-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4F85 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=7a1156e8-3cb0-4a5b-ab42-f70dbef590c9&ts=152021379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b58adfc8c469954318cf589569676e6affe4a2813307810803e4c361d0454427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26491
x-xss-protection
0
server
sffe
etag
"1491 / 561 of 1000 / last-modified: 1677107120"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 11:45:04 GMT
v3
ib.adnxs.com/ut/ Frame E2A1 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=7a1156e8-3cb0-4a5b-ab42-f70dbef590c9&ts=152021379
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0db01a75a1aad08076ca94c9e2569a65fc90de3413a309ee9f995349a63a6233
Security Headers
Name Value
X-Xss-Protection 0

Request headers

pragma
no-cache
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
cache-control
no-cache
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
X-Is-Test
0

Response headers

Date
Thu, 23 Feb 2023 11:45:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
66896b0b-8649-4b02-b0d0-41999673fc73
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v3
ib.adnxs.com/ut/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control,content-type,pragma,x-is-test
Access-Control-Request-Method
POST
Origin
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

AN-X-Request-Uuid
3ad91f28-f33e-4359-aa78-39faba0156b9
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
cache-control,content-type,pragma,x-is-test
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
Access-Control-Max-Age
86400
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=utf-8
Date
Thu, 23 Feb 2023 11:45:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
getuidj
ib.adnxs.com/ 		29 B
984 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
21d7d499dee467b8317128fe33793e161f695df069b16cb69ba94208dc337f49
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:04 GMT
AN-X-Request-Uuid
3c91fb5e-f796-4ab0-baba-7f0a4ac4d053
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.onlinepc.ch
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
29
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xdomain_cookie.js
xd.adnz.co/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xd.adnz.co/xdomain_cookie.js
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1afabdbc9ffd54173ee5d42ffafe4026965be1c28143570c7d32e6cfa46cdd7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000770a18041336bf80-0063f338f5-109c754-default
age
2028
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Feb 2023 12:15:19 GMT
server
cloudflare
etag
W/"21a9dc60217182683a8388843f5a4c30"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k49wrdHVSoKDZywIkvWw9mtS8K0dhCCHm3wpBvQWLv05MEVVcwOOypoBKH7xU75w4aJGzjD7Cr9LAVpVQUiZvZ43QbmbdL0%2BJZoyxZJ6SnjmyFCe6m6yNBt9nKKEN%2FmP7kXqDPwtack%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
79dfb6948dd12c5f-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
truncated
/ Frame E2A1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77069383f7e84d1f76a6ff76b379121f39ac3bedc190cc0ed764c36b5daea6e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
c.disquscdn.com/next/embed/styles/ 		0
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Requested by
Host: onlinepc.disqus.com
URL: https://onlinepc.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 15 Feb 2023 19:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
664511
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
33270
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 15 Feb 2023 18:40:44 GMT
server
nginx
etag
"63ed272c-81f6"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
AkxrKs9u2jVQ5pkJ08fa2A3jX9EOPEOKmE0jesOxHLV8MSW6RrZv-w==
expires
Thu, 15 Feb 2024 19:09:53 GMT
common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
Requested by
Host: onlinepc.disqus.com
URL: https://onlinepc.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 18 Jan 2023 17:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
3088769
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94186
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 18 Jan 2023 17:40:51 GMT
server
nginx
etag
"63c82f23-16fea"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
1hn1Klm_UtCvffq1KWiV3f2BpFRrjL9pTUoT-cZBFywc-GUmE-dpDQ==
expires
Thu, 18 Jan 2024 17:45:34 GMT
lounge.bundle.e73bf6551fb0e2f4df3fc3aacda15afa.js
c.disquscdn.com/next/embed/ 		0
127 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.e73bf6551fb0e2f4df3fc3aacda15afa.js
Requested by
Host: onlinepc.disqus.com
URL: https://onlinepc.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 21 Feb 2023 20:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
142400
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
129738
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 21 Feb 2023 19:20:50 GMT
server
nginx
etag
"63f51992-1faca"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
_SsoeKk3Nr4ld2c-3KIb2TUdBiRGiWKHXhApo-8i5v_XGERDOLQMSw==
expires
Wed, 21 Feb 2024 20:11:44 GMT
config.js
disqus.com/next/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: onlinepc.disqus.com
URL: https://onlinepc.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:04 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
15
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
17116
X-XSS-Protection
1; mode=block
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires
Sat, 25 Mar 2023 11:45:04 GMT
date
Thu, 23 Feb 2023 11:45:04 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1673369412.559449"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c4b1dfcd4ca25c611340ca8c36b6d991_52270_1677152704284&tm=847&eT=0&widgetWidth=620&widgetHeight=95&widgetX=330&widgetY=2828&wRV=2010189&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=680&oo=true&lo=678&odbreq=995&odbres=1675&cet=4g&to=1677152703112&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Feb 2023 11:45:05 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
59480474b6667b4e3799e04320a20449
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
monitor.html
widgets.outbrain.com/widgetMonitor/ Frame 0C7A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-request-headers
X-OB-STG,X-OB-PRD
cache-control
max-age=604800
content-encoding
gzip
content-length
1602
content-type
text/html
date
Thu, 23 Feb 2023 11:45:04 GMT
etag
"9e7d58ad34c85761770fc947d9bee792:1617096471.391057"
expires
Thu, 02 Mar 2023 11:45:04 GMT
last-modified
Tue, 30 Mar 2021 09:27:46 GMT
server
AkamaiNetStorage
timing-allow-origin
* *
vary
Accept-Encoding
/
tt.onthe.io/ 		0
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=28225:pageviews_instant[depth:1,url:%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%20110,user_type:new,returned:new,domain:www.onlinepc.ch,cdn_version:5,user_agent:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/110.0.5481.177%20Safari/537.36]&/?k[]=28225:visits_instantly[depth:1,url:%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%20110,user_type:new,returned:new,domain:www.onlinepc.ch,cdn_version:5,user_agent:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/110.0.5481.177%20Safari/537.36]&/?k[]=28225:uniques_instantly[url:%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%20110,user_type:new,returned:new,domain:www.onlinepc.ch,cdn_version:5,user_agent:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/110.0.5481.177%20Safari/537.36]&s=c87b9d010dbc36f1c2f824e707e8cb2d&__io=598b2d04d.30400843e_1677152703733&1677152704808
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/oLDUTwtgFj1C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:04 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0753 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukMCp69ym1v40htErmYCM8yjB4sDUNbwf4Q3VW9-_36P4YRqXiWDDsxB0W7WRPDDbjrA8fzRA3BV0hh1W1xG95kc0byGBMyWlNKq0JglHDBfC_N6wqqgWkR1hAEIQUIXdBootq8ZgXocN9YecQYbMV3-Y0HwFVlw4cp2emvHxW4Q70iy2rXN8Mw1jOkIxK9oS4RtT5tDns9HQ2pf-pb3I5xgKdfbC7-UEQMN82NQyyX1aQLXg5PBpl6x0Hu6O8KxReKYwPMiGeEBuBXg_hjedg7rveZxPXjWEH-SA4pRfxxbCqFEctvkgWX0mL9qPBikdW-UFoddLVs4rsxA&sai=AMfl-YSYWh2c06s6Z9HCzBx4llQnCK1Wz96Qj4A5Kvu_1pfo7RLT4FNRR_ioOZlJeI9dcNkM9F-HL5LmeAyWa9Z9RAxebWnp2rckom-cnKDAshxC1PSmNMR6SM6o03ZYsg&sig=Cg0ArKJSzNs2PwnXoIckEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A436 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssXQPg_L247HJsFXuvJX2UDhCcW05vIomK504oeDmufWzI5a5jkae1EsJgKBKUmUE7Rlsd5ZbVOM7_vDGTNBbGWdBztWfjnCOQLSNYKp2lzhopWITwKHA0OgM5RYEt3TjpdiNIQu5Tq3ny_1G-n2UwPkF26cMemGkn6YiLr3yzwcTn5WOA8GQ398wDZvP-58vax4XNDDTq-QIFE5JW6FDtcxaCK1j-nK-Kmd_vB6jtgVFNDl3jbUIyfW59-IQsh_vSVkFkDrFeT95YAFeiW1WcGa688zcChQa8GMlQDzS7ic80SOrpUVDYpVQH_isgRebIRr5yPO4ZXbDwVw&sai=AMfl-YRzqhl1rk0df6nsnVYrBDVRn_d8X-9iAan4-Yr8GJKUk73rB6GEhOHffCxe63ntaAFo_rp_VItXPKSFX03MFhNnw18ji_HvZeNo7GKL8IcbgKIzJMoRHkGvXTUdNw&sig=Cg0ArKJSzCE-EihcOk-yEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:04 GMT
/
k.intellitxt.com/go/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k.intellitxt.com/go/?ipid=91850&consentstr=&consenttype=&referer=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&script=c
Requested by
Host: k.intellitxt.com
URL: https://k.intellitxt.com/intellitxt/front.asp?ipid=91850
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.182.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-182-101.compute-1.amazonaws.com
Software
/ Kormorant
Resource Hash
d965d2bdfa49e5e8c3b14f0a35de81108e842a56fed012f2b19daa9ee1c581f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:04 GMT
x-powered-by
Kormorant
vary
*
content-type
text/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
content-length
4664
expires
Fri, 08 Jan 2016 00:00:00 GMT
cs
cs.lkqd.net/ Frame F831
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=4718608e-83be-44da-921f-9eeaad9d9375
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=4718608e-83be-44da-921f-9eeaad9d9375
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=4718608e-83be-44da-921f-9eeaad9d9375
date
Thu, 23 Feb 2023 11:45:04 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame F831 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F831 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame F831
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3024092999750677697
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3024092999750677697
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3024092999750677697
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame F831
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fQPgLkZsQON_EoKPrp-06FFfBSQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fQPgLkZsQON_EoKPrp-06FFfBSQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=fQPgLkZsQON_EoKPrp-06FFfBSQ
Date
Thu, 23 Feb 2023 11:45:05 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 75CD
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=843d277b-b620-48ec-9b7b-001820c6cfb0
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=843d277b-b620-48ec-9b7b-001820c6cfb0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=843d277b-b620-48ec-9b7b-001820c6cfb0
date
Thu, 23 Feb 2023 11:45:04 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 75CD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 75CD 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 75CD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2952035405712749761
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2952035405712749761
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2952035405712749761
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 75CD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=RAIzISAMRxV-phAPzQnu0lFfBSQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=RAIzISAMRxV-phAPzQnu0lFfBSQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=RAIzISAMRxV-phAPzQnu0lFfBSQ
Date
Thu, 23 Feb 2023 11:45:05 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
getuidj
ib.adnxs.com/ Frame E2A1 		29 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
21d7d499dee467b8317128fe33793e161f695df069b16cb69ba94208dc337f49
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:04 GMT
AN-X-Request-Uuid
29166cd5-5a2a-446c-b09e-054bc96ae37f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
29
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xdomain_cookie.js
xd.adnz.co/ Frame E2A1 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xd.adnz.co/xdomain_cookie.js
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1afabdbc9ffd54173ee5d42ffafe4026965be1c28143570c7d32e6cfa46cdd7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx000002fdc84ab2da28ed1-0063f338f5-10d1633-default
age
1868
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Feb 2023 12:15:19 GMT
server
cloudflare
etag
W/"21a9dc60217182683a8388843f5a4c30"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFR93XLfLfaKoCulyDbAfB0Jr4uVW47sUUZ3f8WugPuXasQPBLjz73BmB8aytUmYY3uWKJvQHZnRV6MZJjZJmaFYEiRaxUsx1ybaz9lp3CJk0O86jjLr6DBWmYEeekJdL16sJy5b1Rw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
Content-Length,Content-Range
x-rgw-object-type
Normal
cache-control
public, max-age=1800
access-control-allow-credentials
true
cf-ray
79dfb6957dce9a2d-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
/
disqus.com/embed/comments/ Frame 64CA 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
Requested by
Host: onlinepc.disqus.com
URL: https://onlinepc.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b7d180b9d0b2c1d1dbba77463d37f9cf96b7a1bd8c5792baad131d2ecda3e58f
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection
keep-alive
Content-Encoding
gzip
Content-Length
2767
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Thu, 23 Feb 2023 11:45:05 GMT
ETag
W/"lounge:view:9590357760.670ecefb0047af936fcce2c08da8c9f4.2"
Last-Modified
Thu, 23 Feb 2023 10:14:30 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=300; includeSubdomains
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
pubads_impl_2023021601.js
securepubads.g.doubleclick.net/gpt/ Frame 082A 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 10:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132097
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 09:35:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Feb 2024 10:11:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 082A 		92 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.onlinepc.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23604d207127f6b1cb6b56f6a49b343f30dc1305e84db3f72e922008693b6d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 082A 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=ee98dc33-2999-4f79-84b3-895596089fdc&ts=1863207956
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b58adfc8c469954318cf589569676e6affe4a2813307810803e4c361d0454427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26491
x-xss-protection
0
server
sffe
etag
"1491 / 791 of 1000 / last-modified: 1677107120"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 11:45:04 GMT
pubads_impl_2023021601.js
securepubads.g.doubleclick.net/gpt/ Frame 4F85 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 10:11:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132097
x-xss-protection
0
last-modified
Thu, 16 Feb 2023 09:35:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 23 Feb 2024 10:11:41 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4F85 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=7a1156e8-3cb0-4a5b-ab42-f70dbef590c9&ts=152021379
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b58adfc8c469954318cf589569676e6affe4a2813307810803e4c361d0454427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26491
x-xss-protection
0
server
sffe
etag
"1491 / 680 of 1000 / last-modified: 1677107120"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 11:45:04 GMT
integrator.js
adservice.google.de/adsid/ Frame 082A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.onlinepc.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 082A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.onlinepc.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 082A 		883 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3448252764412873&correlator=1771756975647673&eid=31072564&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=96628199%2Conlinepc.ch_3rd_party_ee98dc33-2999-4f79-84b3-895596089fdc&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C300x600%7C160x600&fluid=height&ifi=1&adks=734889266&sfv=1-0-40&prev_scp=hb_pb%3D0.10&sc=1&cookie=ID%3D3683e23af55ac4b0%3AT%3D1677152703%3AS%3DALNI_MYH3HqVoPuXGUVuIBdxAOcdviypew&gpic=UID%3D00000bbb0a1323e7%3AT%3D1677152703%3ART%3D1677152703%3AS%3DALNI_MblSB6sVsR5zWuO9X_IkE6bQV7hwQ&abxe=1&dt=1677152705004&lmt=1677152705&dlt=1677152704278&idt=689&adxs=-20&adys=71&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=17hdtafuueqb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&ref=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&top=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=59556593.1677152704&ga_sid=1677152705&ga_hid=1430333449&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
291f0bb62ad54d73908d72fada48a6cda614652f9060b4ab5e881abe34cc6822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
461
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
65ca03a27a67da26bde4694b729e8ad8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0A75 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://65ca03a27a67da26bde4694b729e8ad8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:45:05 GMT
expires
Fri, 23 Feb 2024 11:45:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
t
t.lkqd.net/ Frame C82B 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
t
t.lkqd.net/ Frame 5A56 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.onlinepc.ch
date
Thu, 23 Feb 2023 11:45:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame 1335 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1677152705.cds258.fr8.hn,1677152705.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
kormorant-1.33.19.min.js
images.intellitxt.com/k/ 		215 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://images.intellitxt.com/k/kormorant-1.33.19.min.js
Requested by
Host: k.intellitxt.com
URL: https://k.intellitxt.com/go/?ipid=91850&consentstr=&consenttype=&referer=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&script=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5aeccd2ca34fb7ba2049ac9a11d28598674c3edde575433bc28eb9ee70fe5180

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 03:30:27 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 15:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
548079
etag
W/"5d84636ff2d30d38c8dbd7bb846afa33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
SU_FRE2CLzsyu6nGx01_ifad7pLXJTVZbFTxcBJk-bAFKlnG7fbo4Q==
lounge.load.9f2653a98c92ec14e69e9df2f8422e71.js
c.disquscdn.com/next/embed/ Frame 64CA 		958 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.load.9f2653a98c92ec14e69e9df2f8422e71.js
Requested by
Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1687b46329e28a6afe7bad32f34e753b276dd268e0679784b4da7fb8e00e465c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 21 Feb 2023 20:11:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
142400
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
494
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 21 Feb 2023 19:20:49 GMT
server
nginx
etag
"63f51991-1ee"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
ovSsjFRPnR1JNv_DChvhFV76C-sAZ_RmR4tRfTkIX8VDwweP2N_u6w==
expires
Wed, 21 Feb 2024 20:11:45 GMT
integrator.js
adservice.google.de/adsid/ Frame 4F85 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4F85 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4F85 		803 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1793815776289450&correlator=3277621522843931&eid=31071976&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fif&iu_parts=96628199%2Conlinepc.ch_3rd_party_7a1156e8-3cb0-4a5b-ab42-f70dbef590c9&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C994x250%7C970x250%7C800x250%7C994x118%7C728x90&fluid=height&ifi=1&adks=1958029034&sfv=1-0-40&prev_scp=hb_pb%3D0.10&sc=1&abxe=1&dt=1677152705064&lmt=1677152705&dlt=1677152704688&idt=365&adxs=0&adys=0&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=6xlpsdkt1hzs&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ref=https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&top=https%3A%2F%2Fwww.onlinepc.ch%2F&frm=24&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1290662739.1677152705&ga_sid=1677152705&ga_hid=453522112&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
543abeef28a44ee51ddf1544f0f97cc6d1f6167b5e5ed2d487f1046c72f6f5d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
396
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9f905641ea9cf2112ec71d0125f9622c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A492 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9f905641ea9cf2112ec71d0125f9622c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:45:05 GMT
expires
Fri, 23 Feb 2024 11:45:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.html
ad.lkqd.net/cookie-sync/ Frame 12C2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 23 Feb 2023 11:45:05 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1677152705.cds258.fr8.hn,1677152705.cds288.fr8.c
ad
v.lkqd.net/ Frame 1335 		66 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1138444&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60390%2C1%2C&c4=true&c5=&c6=60390&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=6486989&m=&rtv=1&thost=www.onlinepc.ch
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e4b238270008352130b042f35d5c2cda566b4d6ce975704d6cea1eac5a9938ce

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4858
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1138444&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60390%2C1%2C&c4=true&c5=&c6=60390&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=6486989&m=&rtv=1&thost=www.onlinepc.ch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/png
kormorant-1.33.19.min.css
images.intellitxt.com/k/ 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://images.intellitxt.com/k/kormorant-1.33.19.min.css
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.33.19.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-21.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acf59fc0c783f301c9c29c076ed1dffb35db7d8748b696074087ca30e2e672e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 09:10:46 GMT
content-encoding
gzip
via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 15:51:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
268460
etag
W/"273bddccdb5d252b47417a3fd907d0c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Ux38ptlbK7Xkt2M1YtiI3BJckT2yhg04J2ZQQ4Jtd5iW0ntO3fnLow==
context
k.intellitxt.com/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.intellitxt.com/context?ipid=91850&contextKey=3fbb758eaf59d00984651116fa3f0999ad698b9b&pvu=306ace36-0dbf-4dbb-ad8d-b0bfab496b8d
Requested by
Host: images.intellitxt.com
URL: https://images.intellitxt.com/k/kormorant-1.33.19.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.182.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-182-101.compute-1.amazonaws.com
Software
/ Kormorant
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
x-content-type-options
nosniff
x-powered-by
Kormorant
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
*
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
content-length
2
expires
Fri, 08 Jan 2016 00:00:00 GMT
aHR0cHM6Ly93d3cub25saW5lcGMuY2gvaW50ZXJuZXQvc2ljaGVyaGVpdC9mYWtlLXdlYnNpdGUtYWh2LWtyZWRpdGthcnRlbmRhdGVuLTI4NDI2MzEuaHRtbA%253D%253D
k.intellitxt.com/log/ptr/3fbb758eaf59d00984651116fa3f0999ad698b9b/91850/306ace36-0dbf-4dbb-ad8d-b0bfab496b8d/ 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k.intellitxt.com/log/ptr/3fbb758eaf59d00984651116fa3f0999ad698b9b/91850/306ace36-0dbf-4dbb-ad8d-b0bfab496b8d/aHR0cHM6Ly93d3cub25saW5lcGMuY2gvaW50ZXJuZXQvc2ljaGVyaGVpdC9mYWtlLXdlYnNpdGUtYWh2LWtyZWRpdGthcnRlbmRhdGVuLTI4NDI2MzEuaHRtbA%253D%253D
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.182.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-182-101.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
cache-control
no-cache, no-store, must-revalidate
x-powered-by
Express
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
expires
0
common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
c.disquscdn.com/next/embed/ Frame 64CA 		280 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.9f2653a98c92ec14e69e9df2f8422e71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9c72aa9048dc4cb5f976e7b1a5be738cdc5429f35291261fab0036d077afaa51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 18 Jan 2023 17:45:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
3088770
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94186
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Wed, 18 Jan 2023 17:40:51 GMT
server
nginx
etag
"63c82f23-16fea"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
8qoyvaVpfBNEQRkl6Ublm3WxbsrAthxw7U58q1M9mkqlVLA1_Zod_A==
expires
Thu, 18 Jan 2024 17:45:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 082A 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b869d28bed42c678d881d46cedd0793596a19877f31cb24ccf8feb1d5604c2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11221
x-xss-protection
0
cs
cs.lkqd.net/ Frame 12C2
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f47a7eaf-5945-4e50-b187-76e9aa7d8ec3
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f47a7eaf-5945-4e50-b187-76e9aa7d8ec3
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f47a7eaf-5945-4e50-b187-76e9aa7d8ec3
date
Thu, 23 Feb 2023 11:45:05 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 12C2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 12C2 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 12C2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3168208187826533569
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3168208187826533569
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3168208187826533569
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 12C2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WQSRHpcoSjJ-bEmIiYCmplFfBSQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WQSRHpcoSjJ-bEmIiYCmplFfBSQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WQSRHpcoSjJ-bEmIiYCmplFfBSQ
Date
Thu, 23 Feb 2023 11:45:05 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
rd_log
ams3-ib.adnxs.com/ Frame 6A96 		0
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.onlinepc.ch%2F&e=wqT_3QLiA3ziAQAAAwDWAAUBCMCj3Z8GENzFgYm86t7EUxgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCfD1REAwrL3KBjjXHkDXHkgCUJ3WkYEBWJasYGAAaPrwVHim9wWAAQGKAQCSAQNDSEaYAawCoAHYBKgBAbABALgBAcABAsgBANABANgBAOABAPABANgC_oEB4AKmiVHqAhhodHRwczovL3d3dy5vbmxpbmVwYy5jaC-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APQ3mXgAwDoAwD4AwKABACSBAYvdXQvdjOYBACiBAo4MS45NS41LjM2qAQAsgQQCAAQARisAiDYBCgAMAA4ArgEAMAEAMgEANoEAggA4AQB8ASd1pGBAYgFAZgFAKAFAMAFAMkFCfwU8D_SBQkJCQxwAADYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYRIxDaBhYKEBENEQFwEAAYAOAGAPIGAggAgAcBiAcAoAcAyAem9wXSBw0VXgEmCNoHBgFZcBgA4AcA6gcCCADwB-z2A4oIAhAAlQgAAIA_mAgB&s=630eeea532391f0d48aaf8ebb7cbfd5d2775598e&bdref=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html,https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html,https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:05 GMT
AN-X-Request-Uuid
69e98faa-10c5-4a33-962d-b8bead6ebf04
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
11ca6fb0-792a-4fae-8022-b54a8acf0e0f.jpg
crcdn01.adnxs.com/creative/p/3927/2021/2/1/23767827/ Frame 6A96 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs.com/creative/p/3927/2021/2/1/23767827/11ca6fb0-792a-4fae-8022-b54a8acf0e0f.jpg
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=ee98dc33-2999-4f79-84b3-895596089fdc&ts=1863207956
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
1cbf531b6b3aba1915e36df8341335686691fb510c35172f087d251da8b0fc58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:05 GMT
Last-Modified
Mon, 01 Feb 2021 09:45:42 GMT
Server
nginx/1.21.3
x-amz-request-id
48776be8-5bfb-4a49-a238-18f6068b5abc
ETag
"37c88a88cbfe07cb2e8561ef5fff9ed6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Clv-Request-Id
48776be8-5bfb-4a49-a238-18f6068b5abc
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108694
X-Clv-S3-Version
2.5
Expires
Sun, 09 Apr 2023 11:45:05 GMT
it
ams3-ib.adnxs.com/ Frame A50C 		0
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.onlinepc.ch%2F&e=wqT_3QLgA3zgAQAAAwDWAAUBCMCj3Z8GENzFgYm86t7EUxgAKjYJAA0BABENCAQAGQkJCERAIQkJCAAAKREJADEJCfD1REAwrL3KBjjXHkDXHkgCUJ3WkYEBWJasYGAAaPrwVHgAgAEBigEAkgEDQ0hGmAGsAqAB2ASoAQGwAQC4AQHAAQLIAQDQAQDYAQDgAQDwAQDYAv6BAeACpolR6gIYaHR0cHM6Ly93d3cub25saW5lcGMuY2gvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD0N5l4AMA6AMA-AMCgAQAkgQGL3V0L3YzmAQAogQKODEuOTUuNS4zNqgEALIEEAgAEAEYrAIg2AQoADAAOAK4BADABADIBADaBAIIAOAEAfAEndaRgQGIBQGYBQCgBQDABQDJBQAAAfwU8D_SBQkJAQoBAWjYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYBHyAAAPC_2gYWChAJDRkBcBAAGADgBgDyBgIIAIAHAYgHAKAHAMgHpvcF0gcNFV4BJgjaBwYBWXAYAOAHAOoHAggA8Afs9gOKCAIQAJUIAACAP5gIAQ..&s=e22143f0c6f12277a55765e609c470cc5fee39a5
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:05 GMT
AN-X-Request-Uuid
50bbb260-95e2-4caa-8f97-1755222b8c4b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4F85 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bf8226d2ae09da4f68db26eaf731fab661bff16b1282d1f7c07bf460565fba6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11529
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E2A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ9lynI7MROXuK9lgG1OwLiLVN5vATsGeimpId747zAsAfYGjMm3Iuvp_buHUNjgXVqr0TncFxGa7l8ZOuc7s3ra9oNesnx3SzZfiW-zrytCB263P26lJD-ia59t_-pg97VWBKfGJc7j_XIBLjiw3gqEhwOxH-yoKL30pGtJeHtQ8USVzuESPDeXYMlIuRvu1hvjTzY0gerqTZbq33Si1InTpGZNFlFLW_oMVtEOCV0YAtP0B_RO5AJFE_Qvc5z6b9QUzVszfYgfKebWMTwCmpGJi3Cy8nJSwu_8ZL7AoaA11HW2p6Kbj7Hi8piPw6QfBK45n0kwekHSRuLf_NqSAi&sai=AMfl-YRKcPICWw_sO54Pnf-djS-tIMgw-AxGeFgcssxWODIpPmy7eR8-5lrqgLrxPpqIRK6sQNE8nyamz8SvG2u8C0GkQmEPIIud4zaQxe80R_Cf0NpPIgoY1KRBK4UvyBaC0-ORb6ORtB3xDQdylRo&sig=Cg0ArKJSzCWSebb75NGWEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Feb 2023 11:45:05 GMT
lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
c.disquscdn.com/next/embed/styles/ Frame 64CA 		233 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
98c5d085af0203422d443dce1c737ac861630fe6aada284508ca1db3558bde8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 15 Feb 2023 19:09:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
664512
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
33270
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Wed, 15 Feb 2023 18:40:44 GMT
server
nginx
etag
"63ed272c-81f6"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
_iiON8XtWtA7gpjKgLcEosj-TSvZjYEiPT2iHQdyvbtksJWMy8mTpw==
expires
Thu, 15 Feb 2024 19:09:53 GMT
xdomain_cookie.html
xd.adnz.co/ Frame BB5E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xd.adnz.co/xdomain_cookie.html
Requested by
Host: xd.adnz.co
URL: https://xd.adnz.co/xdomain_cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2717d6c9540ef58d7a2551925e8756b072e2a2efe80e6813b7f0319f5f5df9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public
cf-cache-status
DYNAMIC
cf-ray
79dfb69798969a2d-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Feb 2023 11:45:05 GMT
last-modified
Tue, 21 Feb 2023 14:19:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVzkhPxkdCScYftiID5hwjygF8DUM5Phfz4it7kKEFT9sa1iooclY%2BCKQYx9Msbcs4TkT6EV0kgjslIGmT01M7c0Lr9tPXSwkaAXs4YdG8X4PLaDQHYjtgQfWhcZtMEkmHRQg0iI1dU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-request-id
tx000007de8199baa34047c-0063f751c1-10d01bd-default
x-envoy-upstream-service-time
0
x-rgw-object-type
Normal
visitor-id
api.adnz.co/api/ws-convey/ 		19 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.adnz.co/api/ws-convey/visitor-id?url=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&appnexusId=5361429147399700336&profileHash=&firstPartyVisitorId=
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2a96913a4e33f2f1795bf318e7c06c551e882d3b3392ca0136750466f9bcee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="Not used"
x-envoy-upstream-service-time
11
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19
pragma
no-cache
server
cloudflare
etag
8334995570205483040
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyMD9dXh9niRhSCwZR7rAHZTrGUATbLJyujG443e3nJPhPSbNzn2X66jdnQjms3wFI4Jcu9TMmnszDlGulI1S1EUm%2BHp0sitIYYvsUgCp0b3UWeXxhhRIj90%2B3cu6JhT7AW5%2BqIpPDms"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
ETag, Authorization
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
79dfb697bb822c5f-FRA
expires
-1
lounge.bundle.e73bf6551fb0e2f4df3fc3aacda15afa.js
c.disquscdn.com/next/embed/ Frame 64CA 		507 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.e73bf6551fb0e2f4df3fc3aacda15afa.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
120ba29ed579b0cda11cfbd53dacb62bb36054b3325eac927ecfaa44c5cf60a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 21 Feb 2023 20:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
142401
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
129738
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Tue, 21 Feb 2023 19:20:50 GMT
server
nginx
etag
"63f51992-1faca"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
3hnGTMyD8DTUZ7Jk33lHYSObTUVet_-84MtJW9t2s08IX3iq7LG6GA==
expires
Wed, 21 Feb 2024 20:11:44 GMT
config.js
disqus.com/next/ Frame 64CA 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c11cb8a2559b0ede513d84f4c2436af3b10ba523fe5541351f036a95a4184d73
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:05 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
16
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
17116
X-XSS-Protection
1; mode=block
details
disqus.com/api/3.0/forums/ Frame 64CA 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://disqus.com/api/3.0/forums/details?forum=onlinepc&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.4ba4d839a8c58443b0a3c9c44262d3b7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e5f14064da406702ee9acc77e93d9d2225efaa78579bfe5dbc3a6657c464de83
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:05 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Vary
Origin, Cookie
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type
application/json
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
2992
X-XSS-Protection
1; mode=block
async_usersync.html
acdn.adnxs.com/dmp/ Frame CC61 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3927&pub_id=1255598
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=7a1156e8-3cb0-4a5b-ab42-f70dbef590c9&ts=152021379
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Feb 2023 11:45:05 GMT
ETag
"623de86a-cf34"
Expires
Fri, 24 Feb 2023 11:45:07 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
ams3-ib.adnxs.com/ Frame 9C89 		0
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2F&e=wqT_3QKbBKAbAgAAAwDWAAUBCMCj3Z8GEKKu5rLpzJCxJxjw_rzZ9Ozns0oqNgkAAAkCABEJBwgAABkJCQjgPyEJCQgAACkRCQAxCQn0NAHgPzCtvcoGONceQNceSAJQ-9aRgQFYlqxgYABo-vBUeMn1BYABAYoBAJIBA0NIRpgB4gegAfoBqAEBsAEAuAEBwAECyAEA0AEA2AEA4AEA8AEA2AL-gQHgAqaJUeoCSWh0dHBzOi8vZWEzZDBjMzg1NDUzZWEzN2M2ZDgxNmJhZWM5ZDMzOTQuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AOs-QbgAwDoAwD4AwKABACSBAYvdXQvdjOYBACiBAo4MS45NS41LjM2qAQAsgQQCAAQARjiByD6ASgAMAA4ArgEAMAEAMgEANoEAggA4AQB8AT71pGBAYgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAApO2jYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYJIRgAANoGFgoQEQ0RAXQQABgA4AYA8gYCCACABwGIBwCgBwDIB8n1BdIHDQkuJgAI2gcGAVlwGADgBwDqBwIIAPAH7PYDiggCEACVCAAAgD-YCAE.&s=42d32de08aded95c4e63c97dcc7cfb12a3162ef6&bdref=https%3A%2F%2Fwww.onlinepc.ch%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.onlinepc.ch%2F,https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:05 GMT
AN-X-Request-Uuid
a0252ee4-4f58-4ae0-b054-65213607024c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
8b29c10a-373e-41f2-ab0c-adbb31399311.jpg
crcdn01.adnxs.com/creative/p/3927/2021/2/1/23767830/ Frame 9C89 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs.com/creative/p/3927/2021/2/1/23767830/8b29c10a-373e-41f2-ab0c-adbb31399311.jpg
Requested by
Host: adnz.co
URL: https://adnz.co/ad-tag.js?tagId=7a1156e8-3cb0-4a5b-ab42-f70dbef590c9&ts=152021379
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.124.180 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-124-180.deploy.static.akamaitechnologies.com
Software
nginx/1.21.3 /
Resource Hash
bc7ff406111490426c0045d8e4f6d238421928cc51a4a3e9f679a100476a3466

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:05 GMT
Last-Modified
Mon, 01 Feb 2021 09:46:10 GMT
Server
nginx/1.21.3
x-amz-request-id
95cf034d-21f2-46f2-9fcd-7744c442fdae
ETag
"6ddee1953f2cf1f2c4ac8dd6bf315f0c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Clv-Request-Id
95cf034d-21f2-46f2-9fcd-7744c442fdae
Cache-Control
max-age=3888000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50101
X-Clv-S3-Version
2.5
Expires
Sun, 09 Apr 2023 11:45:05 GMT
it
ams3-ib.adnxs.com/ Frame E2A1 		0
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2F&e=wqT_3QKZBKAZAgAAAwDWAAUBCMCj3Z8GEKKu5rLpzJCxJxjw_rzZ9Ozns0oqNgkAAAkCABEJBwgAABkJCQjgPyEJCQgAACkRCQAxCQn0NAHgPzCtvcoGONceQNceSAJQ-9aRgQFYlqxgYABo-vBUeACAAQGKAQCSAQNDSEaYAeIHoAH6AagBAbABALgBAcABAsgBANABANgBAOABAPABANgC_oEB4AKmiVHqAklodHRwczovL2VhM2QwYzM4NTQ1M2VhMzdjNmQ4MTZiYWVjOWQzMzk0LnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDrPkG4AMA6AMA-AMCgAQAkgQGL3V0L3YzmAQAogQKODEuOTUuNS4zNqgEALIEEAgAEAEY4gcg-gEoADAAOAK4BADABADIBADaBAIIAOAEAfAE-9aRgQGIBQGYBQCgBQDABQDJBQAAAAAAAPA_0gUJCQAAAAAhO2jYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYBHyAAAPC_2gYWChAJDRkBdBAAGADgBgDyBgIIAIAHAYgHAKAHAMgHyfUF0gcNCREoASYI2gcGAVlwGADgBwDqBwIIAPAH7PYDiggCEACVCAAAgD-YCAE.&s=60ab5818415ab3bdd65502116ae18c889c847580
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:05 GMT
AN-X-Request-Uuid
9a3ac7d5-b04d-4752-b86c-948301a1ce3a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4F85 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:45:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 082A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:45:05 GMT
t
t.lkqd.net/ Frame 9F9D 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.onlinepc.ch
date
Thu, 23 Feb 2023 11:45:05 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame F9B6 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwueSXocdvEg95TNLtTr_Zrfh7GN-rG_KPWBDsGBWtFhMz5adPE7gFKHFK-SyUbpdniOxQN62m2TpxJICJCi6Rbz1teYiNnymn6Fy5y7yhmgEbKrkL&sig=Cg0ArKJSzCBmwFJ9vwL_EAE&id=lidar2&mcvt=1035&p=70,1320,670,1620&mtos=0,1035,1035,1035,1035&tos=0,1035,0,0,0&v=20230221&bin=7&avms=nio&bs=1600,1200&mc=0.93&vu=1&app=0&itpl=3&adk=3321520152&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677152704022&rpt=238&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A50C 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSPaYXZEIIzz5n8j1--Trg8MtS-Xbsb0P8DY_UBLmE9QTiI1rTi-ZkeAr5vxlF0bbQM0hAjxB7RoDgxba6BxFPxXf46G0C1Ur3GvzCBbroo4rS15tR&sig=Cg0ArKJSzEWnCgIGPa0-EAE&id=lidar2&mcvt=1038&p=71,-20,671,280&mtos=0,1038,1038,1038,1038&tos=0,1038,0,0,0&v=20230221&bin=7&avms=nio&bs=1600,1200&mc=0.93&vu=1&app=0&itpl=19&adk=3249536413&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677152704048&rpt=260&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 64CA 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Feb 2023 11:08:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Feb 2023 11:45:05 GMT
truncated
/ Frame 64CA 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
xdomain_cookie.html
xd.adnz.co/ Frame 8823 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xd.adnz.co/xdomain_cookie.html
Requested by
Host: xd.adnz.co
URL: https://xd.adnz.co/xdomain_cookie.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd2717d6c9540ef58d7a2551925e8756b072e2a2efe80e6813b7f0319f5f5df9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public
cf-cache-status
DYNAMIC
cf-ray
79dfb698ea699a2d-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Feb 2023 11:45:05 GMT
last-modified
Tue, 21 Feb 2023 14:19:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWBwkYAW3C0232a1c1YN%2Fx1PASTd7A9a34baA0eVhAufyBbVbyPJnVOAaT3RtFsCFTpS%2Fi2mG4v17wez4DUWJKCB%2B4ECCPwJUeT2xDlW%2BI%2FlAKFvS4s4vYL0vwEoLB8DYWcJtzcBrdo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
x-amz-request-id
tx00000a97dd313e164fad3-0063f751c1-10d020e-default
x-envoy-upstream-service-time
1
x-rgw-object-type
Normal
visitor-id
api.adnz.co/api/ws-convey/ Frame E2A1 		19 B
768 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.adnz.co/api/ws-convey/visitor-id?url=https%3A%2F%2Fea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&appnexusId=5361429147399700336&profileHash=&firstPartyVisitorId=
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2a96913a4e33f2f1795bf318e7c06c551e882d3b3392ca0136750466f9bcee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="Not used"
x-envoy-upstream-service-time
25
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19
pragma
no-cache
server
cloudflare
etag
8334995570205483040
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugY6zKnpjr1w4GsCgGcJL0yg%2BEz5FXhmIZhOXdpLLKjBFM%2B1ev%2FkWnh4gzNYryGr8D22VyJcJcjJ0OQWi4wO7NRMB53oixXUPPyMRluEAQPTUIVfYxqvjL6UQmvVxyyI3dwUKl%2FnAXI6"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
access-control-expose-headers
ETag, Authorization
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
79dfb698da589a2d-FRA
expires
-1
svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 64CA 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 15 Jan 2023 02:16:14 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
age
3403731
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
13079
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 12 Jan 2023 21:51:05 GMT
server
nginx
etag
"63c080c9-3317"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
VNoSrm8vbfdTa1ZrK0Whiyxj-OO8mFatwJ5sHvmousoimyVMaG6IdQ==
expires
Mon, 15 Jan 2024 02:16:14 GMT
loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 64CA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 12 Jan 2023 03:03:01 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
age
3660124
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
2971
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 06 Jan 2023 19:06:43 GMT
server
nginx
etag
"63b87143-b9b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
0ho33bdrlL-ekAd_DbHfZC1vlOvKnUuZjHxELnmBow7-HPf1X6VNNA==
expires
Fri, 12 Jan 2024 03:03:01 GMT
email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
c.disquscdn.com/next/embed/assets/img/ Frame 64CA 		840 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 25 Jan 2023 03:23:40 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
age
2535685
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
840
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 20 Jan 2023 22:02:55 GMT
server
nginx
etag
"63cb0f8f-348"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
XYoLNxB6TauwsL6TWGx_A5q1ISwKThrMDuBZBlHQ6CIn3wmu_x9Eaw==
expires
Thu, 25 Jan 2024 03:23:40 GMT
privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
c.disquscdn.com/next/embed/assets/img/ Frame 64CA 		891 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/privacy.8c96be6b50de1c3fab838c5f050e0be5.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 28 Jan 2023 10:59:15 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
age
2249150
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
891
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Fri, 20 Jan 2023 22:02:55 GMT
server
nginx
etag
"63cb0f8f-37b"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
AHjGHoqCSaokKWzsGBmgN832yxRzgE0bW4S3DAW3LJa6p9S4wkKZXw==
expires
Sun, 28 Jan 2024 10:59:15 GMT
warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
c.disquscdn.com/next/embed/assets/img/ Frame 64CA 		605 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/warning.3bc0b4bff6c268a4ceaf404014b9be42.svg
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 17 Jan 2023 07:05:35 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
age
3213570
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
605
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 12 Jan 2023 21:51:05 GMT
server
nginx
etag
"63c080c9-25d"
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vaOhArDaVz84GBF9qjQOeOUdLwV87201nZ0ORuFbp0TlRvC3GYU97w==
expires
Wed, 17 Jan 2024 07:05:35 GMT
sprite.ad630a07080a45451f139a7487853ff8.png
c.disquscdn.com/next/embed/assets/img/ Frame 64CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 17 Jan 2023 06:16:10 GMT
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
age
3216535
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1763
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 12 Jan 2023 21:51:05 GMT
server
nginx
etag
"63c080c9-6e3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
EwcfCGfqvRSHun259BMxXw6ISz3v6lsgMP_AI6d-vV_k5x8wPK7pXQ==
expires
Wed, 17 Jan 2024 06:16:10 GMT
icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 64CA 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c.disquscdn.com/next/embed/styles/lounge.2330dfe9833fc6fa82fa0ffee36e8c21.css
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Wed, 18 Jan 2023 06:16:27 GMT
via
1.1 39103e0eac16074bdce5f23fa11c3dcc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
VIE50-C2
age
3130118
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
7900
x-xss-protection
1; mode=block
x-served-by
static-web-2
surrogate-key
next
last-modified
Thu, 12 Jan 2023 21:51:05 GMT
server
nginx
etag
"63c080c9-1edc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
zvxsX9wKaDjwjsR2gK1RrS87liOnjlfkHliuXmhwI27tftQuJhl2zw==
expires
Thu, 18 Jan 2024 06:16:27 GMT
alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
c.disquscdn.com/next/embed/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Requested by
Host: onlinepc.disqus.com
URL: https://onlinepc.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 14 Jan 2023 00:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
3496454
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
26578
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 12 Jan 2023 21:51:05 GMT
server
nginx
etag
"63c080c9-67d2"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
V2DLRn6RNeUG9gVX-YWQSWYMEa9ONkOj18rWapHk3UHEY0mo9izemg==
expires
Sun, 14 Jan 2024 00:30:51 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame FEF6 		337 B
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: onlinepc.disqus.com
URL: https://onlinepc.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 08 Jan 2023 06:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
3993260
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 06 Jan 2023 19:06:43 GMT
server
nginx
etag
"63b87143-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
t7ib-grvx8h3Bm7ErXTHs732El5emVdz0vqwhb75n909AJdPmw8heA==
expires
Mon, 08 Jan 2024 06:30:45 GMT
realtime.b23ff3c36dd0169627f8e54ca1621eca.css
c.disquscdn.com/next/embed/styles/ Frame 55F5 		337 B
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
Requested by
Host: onlinepc.disqus.com
URL: https://onlinepc.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:e200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 08 Jan 2023 06:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
age
3993260
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
244
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Fri, 06 Jan 2023 19:06:43 GMT
server
nginx
etag
"63b87143-f4"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
Chli6CCPgjDMRPcqdUUQ-0f_o9WsQjKZuWWIa2oeHTn8DD1dDen3SA==
expires
Mon, 08 Jan 2024 06:30:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9EDF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:02:34 GMT
expires
Fri, 23 Feb 2024 11:02:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4D86 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
54704054973fcc83365416f45a3867ae94c536007cc30e6d227bff5bbdbebb9d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6BvPeLhKhGGDcDqEd4b3Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6BvPeLhKhGGDcDqEd4b3Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:45:05 GMT
expires
Thu, 23 Feb 2023 11:45:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
async_usersync
ib.adnxs.com/ Frame CC61 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3927&pub_id=1255598&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3927&pub_id=1255598
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:05 GMT
AN-X-Request-Uuid
f9657dbd-46b1-46a0-b2bd-15a48b4eddb8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 64CA 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 09:37:51 GMT
x-content-type-options
nosniff
age
526034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Feb 2024 09:37:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 64CA 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 01:29:06 GMT
x-content-type-options
nosniff
age
296159
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2024 01:29:06 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 64CA 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:20:36 GMT
x-content-type-options
nosniff
age
23069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 05:20:36 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 64CA 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:21:08 GMT
x-content-type-options
nosniff
age
23037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Feb 2024 05:21:08 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 64CA 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,400;0,500;0,600;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://disqus.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 12:42:15 GMT
x-content-type-options
nosniff
age
601370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17032
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 12:42:15 GMT
event.gif
referrer.disqus.com/juggler/ Frame 64CA 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=293&event=init_embed&thread=9590357760&forum=onlinepc&forum_id=2899537&imp=6jnie6a3ehs0k4&thread_slug=fake_website_der_ahv_will_kreditkartendaten&user_type=anon&referrer=https%3A%2F%2Fwww.onlinepc.ch%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.192.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://disqus.com/embed/comments/?base=default&f=onlinepc&t_i=1700867&t_u=https%3A%2F%2Fwww.pctipp.ch%2Fnews%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842616.html&t_e=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_d=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&t_t=Fake-Website%20der%20AHV%20will%20Kreditkartendaten&s_o=default
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 11:45:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0E1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:02:34 GMT
expires
Fri, 23 Feb 2024 11:02:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DB92 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e15cf316adeb182e84073739952937e2df39cab3d6c2620e60be991058ddec13
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kea8PqjqDTYm8M-i8tUiVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-kea8PqjqDTYm8M-i8tUiVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:45:05 GMT
expires
Thu, 23 Feb 2023 11:45:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel.gif
cdn.viglink.com/images/ 		43 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=1&rn=2.0931842150662527
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-62.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
via
1.1 9f5dc8aa3b00e084cc2e91009dfdc836.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P2
age
2
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
d1Jxb6QuxwCvPV4AVnPZ4qWSka8SeVnQ6mHsVNy2L0g6m2pLiqvPeQ==
pixel.gif
cdn.viglink.com/images/ 		43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.viglink.com/images/pixel.gif?ch=2&rn=2.0931842150662527
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-62.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:04 GMT
via
1.1 9f5dc8aa3b00e084cc2e91009dfdc836.cloudfront.net (CloudFront)
last-modified
Tue, 10 Feb 2015 03:29:39 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-P2
age
2
etag
"221d8352905f2c38b3cb2bd191d630b0"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=15, must-revalidate
accept-ranges
bytes
content-length
43
x-amz-cf-id
CHcPBgvTJvJLd33u1Ot1hLATD0FdvcOAtQYKyMlzkQkrF87sGVyCOg==
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C2348811154168788976700253062,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.40.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-40-157.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C41687889767002530621491011686,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:05 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.onlinepc.ch
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1677152705606035-501
Expires
Thu, 23 Feb 2023 11:45:05 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C4168788976700253062651895621%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
79f255c28e3abc6380e02331d96f471f6e7fcb8f8a30375e564416252847dcfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
671
expires
Thu, 23 Feb 2023 11:45:05 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C41687889767002530621217304397%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e440c066b4889afc33b85d8b59cfcc865075b9ae039333a64047bd1174c0d034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
672
expires
Thu, 23 Feb 2023 11:45:05 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C4168788976700253062292542757%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b71c19d595f3974e451b910169a56f63bce6a92f599d8aee536f2b8ce625449

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
672
expires
Thu, 23 Feb 2023 11:45:05 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C17347167554168788976700253062%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
96cefd124a4c71ef95d53ab0f9484a7b96257e42077881e7bd6c7bd806252f39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
672
expires
Thu, 23 Feb 2023 11:45:05 GMT
6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
pagead2.googlesyndication.com/bg/ Frame 9EDF 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 06:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
538627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14401
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 06:07:58 GMT
6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
pagead2.googlesyndication.com/bg/ Frame B0E1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 06:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
538627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14401
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 06:07:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4D86 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=1793815776289450&rc=
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame DB92 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=3448252764412873&rc=
Requested by
Host: www.onlinepc.ch
URL: https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7de2ed5db2db3f7a04eaf50074fd14c4b4c4403483feca0f43cf69a67fe513f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11370
x-xss-protection
0
offersv2.min.css
dnlgm0m0r44nl.cloudfront.net/gaia/0.53/css/ 		15 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dnlgm0m0r44nl.cloudfront.net/gaia/0.53/css/offersv2.min.css
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=87e36c1e9cd662d5ec3aa45fe0d2a1ee&site_id=da052b551cc54f92b4459bc211dcbb54
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-104.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ef5073c6e8dcffe3f6e5c98082c0ff1e5f030aad0d0008d30e3140085c84917

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 23 Feb 2023 04:52:46 GMT
Via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Feb 2015 17:06:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
24740
ETag
"3d22a39c5e3553db2f6f716c0819604b"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15788
X-Amz-Cf-Id
auxp-AkudSvKzgqp3LBVWBtUoXgkOf-Vm7rw5nwfix0Zcxuaw0WsKg==
link
search.srvtrck.com/v2/page/ 		2 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.srvtrck.com/v2/page/link?ctx.dist=low&distinct_advertiser=3&fields=price,advertiser,logo,ad_type,icon&logo.dim=150X150&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&abtag=abp:false&api_key=87e36c1e9cd662d5ec3aa45fe0d2a1ee&site_id=da052b551cc54f92b4459bc211dcbb54&tid=f8a8cf8b-a197-4f0d-8d7b-65e64b671e67&dch=gaia&tna=gaia&tv=0.121&title=Fake-Website%20der%20AHV%20will%20Kreditkartendaten%20-%20onlinepc.ch&refr=&page=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&afsrc=1&cache=8K50UJTC1MUVOCBP3JE7R40J7T99P396&vid=null&dnt=0&set.cache=true&ad_space=&version=0.121&loc=use_geo&size=20
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=87e36c1e9cd662d5ec3aa45fe0d2a1ee&site_id=da052b551cc54f92b4459bc211dcbb54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
content-language
de-DE
cache-control
max-age=3600
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
cf-ray
79dfb69b6a1337f7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
uuid.html
hades.srvtrck.com/v2/ Frame A818 		311 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/v2/uuid.html
Requested by
Host: js.srvtrck.com
URL: https://js.srvtrck.com/v1/js?api_key=87e36c1e9cd662d5ec3aa45fe0d2a1ee&site_id=da052b551cc54f92b4459bc211dcbb54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
27519
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
79dfb69b5a1237f7-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Feb 2023 11:45:05 GMT
expires
Fri, 24 Feb 2023 11:45:05 GMT
last-modified
Wed, 22 Feb 2023 17:38:28 GMT
server
cloudflare
vary
Accept-Encoding
i
i.srvtrck.com/v1/ 		68 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.srvtrck.com/v1/i?e=pi&api_key=87e36c1e9cd662d5ec3aa45fe0d2a1ee&site_id=da052b551cc54f92b4459bc211dcbb54&tid=6410951d-9861-486a-8606-435487fe28b6&dch=gaia&tna=gaia&tv=0.147&title=Fake-Website%20der%20AHV%20will%20Kreditkartendaten%20-%20onlinepc.ch&refr=&page=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&afsrc=1&cache=C0TAR5920A2J1KIL66R69Q4PCQACK9L4&vid=null&dnt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
p3p
CP="CAO PSA OUR"
cf-ray
79dfb69b6a1a37f7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
ahvfake_w915_h365.jpg
www.onlinepc.ch/img/1/7/0/0/8/6/7/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.onlinepc.ch/img/1/7/0/0/8/6/7/ahvfake_w915_h365.jpg
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/oLDUTwtgFj1C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.82.75.19 , Germany, ASN205411 (BOREUS, DE),
Reverse DNS
developer-com.de.dns.boreus.de
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6d47ea57f6215c107b29113e794fb0c1246cf9a9684dc42df06e0037d9075b51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/internet/sicherheit/fake-website-ahv-kreditkartendaten-2842631.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
last-modified
Thu, 23 Feb 2023 10:11:18 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"a797-5f55b3bd1fd80"
content-length
42903
content-type
image/jpeg
json2.js
hades.srvtrck.com/static/ Frame A818 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/static/json2.js
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 17:45:13 GMT
server
cloudflare
age
27707
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=86400
cf-ray
79dfb69baa7b37f7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 24 Feb 2023 11:45:05 GMT
hades-server2.js
hades.srvtrck.com/static/ Frame A818 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hades.srvtrck.com/static/hades-server2.js
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 17:35:51 GMT
server
cloudflare
age
27822
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=86400
cf-ray
79dfb69baa7d37f7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 24 Feb 2023 11:45:05 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
t
t.lkqd.net/ Frame 9F9D 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.onlinepc.ch
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid_2af1ccba.js
vpaid.springserve.com/production/ Frame 59A5 		510 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2af1ccba.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2017:5200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf8f347aba80b770b545d65de5ce91176d286271173eb6792024531b607e4ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 19:03:16 GMT
content-encoding
br
via
1.1 28e5a05285f99582aabd539b43e9b668.cloudfront.net (CloudFront)
last-modified
Tue, 21 Feb 2023 18:56:38 GMT
server
AmazonS3
x-amz-cf-pop
OTP50-C1
age
146511
etag
W/"7870c654546682712f0f3a21423db286"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
1kldfl86_Mih-8bhTobEqXcbJKR5TTcIkJKlCtiXTXfkrLNhnr_Shw==
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Feb 2023 11:45:05 GMT
batch
api.adnz.co/api/ws-events-sink/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.adnz.co/api/ws-events-sink/batch?visitorId=8334995570205483040&profileHash=&appnexusId=5361429147399700336&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImJvZHkiOnt9LCJldmVudElkIjozOTk2ODU1NzI0NzkzODA1LCJwYWdlSW1wcmVzc2lvbklkIjo3NzU0MDI2OTUyNjY0MDUzLCJ1cmwiOiJodHRwczovL3d3dy5wY3RpcHAuY2gvbmV3cy9zaWNoZXJoZWl0L2Zha2Utd2Vic2l0ZS1haHYta3JlZGl0a2FydGVuZGF0ZW4tMjg0MjYxNi5odG1sIn0seyJ0eXBlIjoiVEFHX0hJVCIsImJvZHkiOnsidGFnSWQiOiJlZTk4ZGMzMy0yOTk5LTRmNzktODRiMy04OTU1OTYwODlmZGMifSwiZXZlbnRJZCI6MTE5ODAyNDYxODU5NTg3MywicGFnZUltcHJlc3Npb25JZCI6Nzc1NDAyNjk1MjY2NDA1MywidXJsIjoiaHR0cHM6Ly93d3cucGN0aXBwLmNoL25ld3Mvc2ljaGVyaGVpdC9mYWtlLXdlYnNpdGUtYWh2LWtyZWRpdGthcnRlbmRhdGVuLTI4NDI2MTYuaHRtbCJ9XQ%3D%3D
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d60OAXEhUHdFWtOmwXynXj%2FMsGiIr5U4C2Vx3b6NNl%2Fuir0wqyvN%2BjJj3qYd3dukFMKLNfqVeMhOeEXk6crRweeIWIZPRyD0ZhD0b%2B%2F68DwfY9%2Fe1DGjcGCgH4faT8TBtuOpfhnxZE5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.onlinepc.ch
x-envoy-upstream-service-time
13
access-control-allow-credentials
true
cf-ray
79dfb69c1ef79a2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:05 GMT
server
nginx
t
t.lkqd.net/ Frame 9F9D 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.onlinepc.ch
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
profile
hades.srvtrck.com/v1/ Frame A818 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hades.srvtrck.com/v1/profile?action=create&ykuid=7e2xqtpnmlyc6lt0te3b6g
Requested by
Host: hades.srvtrck.com
URL: https://hades.srvtrck.com/v2/uuid.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:a860 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hades.srvtrck.com/v2/uuid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Feb 2023 11:45:06 GMT
server
cloudflare
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
79dfb69c4be9bb74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1095
expires
Fri, 24 Feb 2023 11:45:06 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9DAC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:02:34 GMT
expires
Fri, 23 Feb 2024 11:02:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D091 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eaa7186e271b3e79f4ef394bf270cab9884d5ca32c63915498217bbdea2347a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lTLdawIFCDj2jZ98gZop6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.onlinepc.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-lTLdawIFCDj2jZ98gZop6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:45:05 GMT
expires
Thu, 23 Feb 2023 11:45:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 9EDF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?j2dibQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame B0E1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?btWbBQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
pagead2.googlesyndication.com/bg/ Frame 9DAC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 06:07:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
538628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14401
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 06:07:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D091 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022102&jk=681621976889299&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 59A5 		1 KB
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2af1ccba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b0766927d2923c80796929e1e59e9e343739974f9832ad977981adc2593d71bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
651
expires
Thu, 23 Feb 2023 11:45:06 GMT
batch
api.adnz.co/api/ws-events-sink/ Frame E2A1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.adnz.co/api/ws-events-sink/batch?visitorId=8334995570205483040&profileHash=&appnexusId=5361429147399700336&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImJvZHkiOnt9LCJldmVudElkIjoxNzM1MDE1OTE0ODAwODQ3LCJwYWdlSW1wcmVzc2lvbklkIjoxNDA2NTM5MjgzNzcwMTUxLCJ1cmwiOiJodHRwczovL2VhM2QwYzM4NTQ1M2VhMzdjNmQ4MTZiYWVjOWQzMzk0LnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20vc2FmZWZyYW1lLzEtMC00MC9odG1sL2NvbnRhaW5lci5odG1sIn0seyJ0eXBlIjoiVEFHX0hJVCIsImJvZHkiOnsidGFnSWQiOiI3YTExNTZlOC0zY2IwLTRhNWItYWI0Mi1mNzBkYmVmNTkwYzkifSwiZXZlbnRJZCI6ODUwMjM3OTE1MTczNDAyNywicGFnZUltcHJlc3Npb25JZCI6MTQwNjUzOTI4Mzc3MDE1MSwidXJsIjoiaHR0cHM6Ly9lYTNkMGMzODU0NTNlYTM3YzZkODE2YmFlYzlkMzM5NC5zYWZlZnJhbWUuZ29vZ2xlc3luZGljYXRpb24uY29tL3NhZmVmcmFtZS8xLTAtNDAvaHRtbC9jb250YWluZXIuaHRtbCJ9XQ%3D%3D
Requested by
Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCGS1Cnbglwv83muKMDqXPjMy3KyRA1EUh4VycHBX%2BHI%2ByoJCBBbxsBLwuQ60ZP%2BtufTYlgBb00tIOc0s7jkTcmue0LbuoeF4XgYx2RjioUPZ2azm9asz6hhQWOLnZWUcpgrsGEeF4%2BW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
cf-ray
79dfb69d88f89a2d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ping
links.services.disqus.com/api/ 		358 B
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
b555044cd3774eae399de02e059d4629fc78fa3dc21e9e856d731d37a665deae

Request headers

Referer
https://www.onlinepc.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:06 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.onlinepc.ch
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
358
Expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E2A1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusyvzbZYaJfyUqQOINTgkx4q3jZHBcHK45Z_dTHvGpd9yNMD0VXj6NNrKOUPz7pVDVXTZzmezSvDq32FqhHCQq7ms_TSx-fhUR5DyGhmFONFZvwUD3&sig=Cg0ArKJSzOWku9BZ2xITEAE&id=lidar2&mcvt=1007&p=272,303,522,1297&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2838881479&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677152704067&rpt=1113&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame C609 		158 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86cf58fa31f5a67cf2cf73c1804d0d2b3c86c6c8a1461ff7caa0f989f0cf02c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
content-encoding
gzip
last-modified
Tue, 10 Jan 2023 05:38:16 GMT
server
Apache
etag
"27981-5f1e24a67517b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38153
sync.gif
links.services.disqus.com/api/ 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:06 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Content-Type
image/gif;charset=UTF-8
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame FA77 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=143136
content-encoding
gzip
content-length
13968
content-type
text/html
date
Thu, 23 Feb 2023 11:45:06 GMT
expires
Sat, 25 Feb 2023 03:30:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C609 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143136
accept-ranges
bytes
content-length
13968
expires
Sat, 25 Feb 2023 03:30:42 GMT
domains
links.services.disqus.com/api/ 		58 B
678 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/domains
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ed9b3e509c73f42dd5803926eaaff99b3eb59e2815ace5970e6b2a106998d327

Request headers

Referer
https://www.onlinepc.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:06 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.onlinepc.ch
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
58
Expires
Thu, 01 Jan 1970 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 9DAC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BfxM3g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame FA77 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59894739&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cd00fd2c963c4db9f70d4cc8bc3fa4749adf65dc300fe0fe37dfb0a120a1c609

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame C09E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 23 Feb 2023 11:45:06 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Thu, 23 Feb 2023 11:45:06 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 497E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f26263f7-51c0-4500-819d-04b3237daec0&gdpr=0&gdpr_consent=
42 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f26263f7-51c0-4500-819d-04b3237daec0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 23 Feb 2023 11:45:06 GMT
Expires
Thu, 23 Feb 2023 11:45:05 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 475 4bd2ccd master cdg-pixel-x27 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:f26263f7-51c0-4500-819d-04b3237daec0&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 5145
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6963015184779666125
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6963015184779666125
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6963015184779666125
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 3304 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 23 Feb 2023 11:45:05 GMT
expires
Thu, 23 Feb 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
212857
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6NjlcLm0TvKn4iyM0wVHTQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=116784
accept-ranges
bytes
content-length
5554
expires
Fri, 24 Feb 2023 20:11:30 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b512174030938010/gdpr=0/ Frame FA77
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=5779c00b3844f4d9411e074805dab2e0&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b512174030938010/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
0
0
Artemis
aud.pubmatic.com/AdServer/ Frame FA77
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date
Thu, 23 Feb 2023 11:45:06 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&addseg=19,36,42
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame FA77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RThEOEU1NzAtQjlCNC00RUYyLUE3RTItMkM4Q0QzMDU0NzRE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame FA77
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC41hO-fBeqGcIDqrv8s00I&google_cver=1
42 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC41hO-fBeqGcIDqrv8s00I&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEC41hO-fBeqGcIDqrv8s00I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame FA77 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 22 Feb 2023 11:45:06 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame FA77
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1772418508129252778
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1772418508129252778
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1772418508129252778
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame FA77 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FA77 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:d295:c4e8:8fc9:991a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame FA77
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-dgRGEV1E2uUlAJz6kaLYIk3.1el0UFk-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-dgRGEV1E2uUlAJz6kaLYIk3.1el0UFk-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-dgRGEV1E2uUlAJz6kaLYIk3.1el0UFk-~A&gdpr=0
date
Thu, 23 Feb 2023 11:45:06 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
async_usersync
ib.adnxs.com/ Frame CC61 		0
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3927&pub_id=1255598&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3927&pub_id=1255598
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:06 GMT
AN-X-Request-Uuid
b4ef1039-855c-40e4-8e44-35bf3b2b40ba
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F85 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=1793815776289450&bg=!iomlid3NAAZYlHKzeJQ7ADkAdvg8WipXrfGdCinrHItWap3PlNxr_TQkmRFNaajxBPGXWvJuHv0PG5hlAjoTqM2DEHD3KvxPaDwCAAABBVIAAAAEaAEHCgAQhZLaJdcCrc8Ms3Vqq6dQr5kDOTW35ROCRUkrqoWpV3m_DYZoEGgk5pvBr7nHg_0WjfIPLPEU8caOOJogxDbaQFi6VFiRL7ILbo40BggPDILyxKGoO-phVZcnwCOW3bw2HX2722GIQcfPMH1t_CoeU3Ge26YTJ74R0pyk90vTlkavA-pK4LporJ9aamZgtU-PfyfkDdiiEzz45uu1wMD5XeK0D0R5nT1FJ8p3Ov0DFBR7JzF1zxn1eMnt76ITUNGXJgefp6y-cbLxSRD_YTgbHvamSzowb4v5a7wmYVP-g6wDw34lLRHK8C_fLx82v7a16GWPwCzqIyTvLPLzyTNSpTl1qhn227Y6foQCLAl4vShrGt58GfnNwayBCMtVtzpPTro-QGVahfnC9Z3OYnCoV12B15KVdL8jVFrehFsd6c4AcJB8GIYlUFinak1yRWV-QohaPeZHsQOxItWxhsOgoyo1dW9kVjfiMrbc-AgvjowlyQe9bos1aUOmfRz7Xxx3tvBJSLV3sSpkPovIAgRQ6PMrmzF7aSbZXw9RELl_SaPSo213GnSPBE3YE6cxs7LHEtOA59OADvfy-c3IpLw0w8DccOmWZv52Us1-6qaihgMci72hQWEg-52thKyfP8ZKhcqo6QeJzkRIaXcACh4_jjN5GzW_VwbHsGYB4dnK6M9wEOjTaUVfbQgUHX3e7Ted00KUfkd_a62Z2v1_CZRVaQrzIi7nFyduRxkvc6i8o-zPWUd01X4SjaWATy0ul07Llxw1O6_9eySppykus7D9AVcbpnOJwq-50Is_YR5xKxPeBOWxBg5GBHhGTjk6teqBydeYRExUsKc5hISK0rh3tVi8NVUhJLPg2SI4jsZRI9TKxOzMiEXlQvDaYSdIpHRHrQc5FOvphAcA4s2LFUabbIwp8nsdXi5jhjKjQvDm9NWiViOjrQFaS6xU2AwGpd4hMnIsF2x3vcmjjsey9wwdcXk0cOe25tjGpK_VOsOYrJSAls1mnHOX63T8gIj6WZQYMk8gsloCsl6j7p_GoHHBHe87aHcxzdTKdiqxILaDI64wyf_yX7L_n8PoCy777ucAr2vCSerBT-LDHWIaAU25Kn2oo8lV2ShZx4gc6g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 082A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=3448252764412873&bg=!-Pul-6_NAAZYlHKzeJQ7ADkAdvg8WpF-3V3Ir0AGnuyESj_hG2rYHFFdhp7dXmhje7XjSGl8GUsj_Q7be50dZatZzBdOPEzH7p8CAAABJlIAAAADaAEHmQLKISQVOQ1odu1cf4VOjOVODacQpC2kCzlqPpA8LpnydMXeFg6rW__MTrlG6oGKfuIV0Z9BudrIjho54QqEiykG1u3IiQpbbLGmSWQySVPCU6btc9WCJUpGXFv_YnVx1gTk5C_0-hWn-staogRT4ryBiD5skehs-IrSCUDY6LFzUgNpSKroNYxXJjqnXaeIRthDMDilGFynOHaOjsZ-5nzKYa6lytaiRKcMDtY4s0p5OxofulQnDcNruFX-KB2CQSerZa-5Pg-B9Y3Pa3-t_8Inb7lFzGBtZkxAzHTC0yBtOo7s2UkL5c0rLYQU0t_EjBLwKyi0BTQgSjAVyKj_6RQzUiVKrnun9m191tOzbzlQZBsMfYuDihAKPPlhwvN757SyVoriaS9_ECOA1ijm2J2-SyiiIzQM2NiuUiqXl8LtO6Y1YIfoAxt_K5HhIgWENzKig9LS7-gTMpzB3xuc1vlfE-60ME2M3gBZ9--Sjfmdlh5Xi4qjWNTP418G9ljVEOKyyB66JA6Jqh8pM7S78N9fi-9PH47zGN_uB2dtngz9wt_Hfz4fL6-sKrvfmk80mBs-B08WTAH1xNyPZh6czcFARcL5cxAT-5qqUNJvBlWucKv0F6rzZstANpRjcJ7LzaM_W8c3jG4qSaYdT1Alb4pbLeKibd9qnGykeZEh-uTxMhFXRROzuNfOo4YrpB2ef2T-3jAYkyydE5Lj9JqK_FNFOa0lnNtSNqsE-sT72kjgfzWPBVejhcdAad7Rj1B3RmOGuDv3Ql8ItYrfn6FBNnJugsWNYawHKPmfR5NX8OAGTG3e94pnzEeHo-MhAACu0cbqBkIEokA7fC02soTQPj8k9GC98ygDeX30ggEaf779HHd5r1s2t9ZnuSKA-n_Rx-KQiOxfurpmaCptGVxmFrxo1f6fs9MbYFOrFaw5agaihY2UcG93uOQpYb1o
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
AdServerServlet
vid.pubmatic.com/AdServer/ Frame C609 		27 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,&us_privacy=&cb=1677152706286&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.onlinepc.ch%252Finternet%252Fsicherheit%252Ffake-website-ahv-kreditkartendaten-2842631.html&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.onlinepc.ch%252Finternet%252Fsicherheit%252Ffake-website-ahv-kreditkartendaten-2842631.html&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-2-23%2011:45:6&ranreq=0.28287830774887146&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:06 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.onlinepc.ch
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
/
tt.onthe.io/ 		0
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt.onthe.io/?k[]=28225:pageviews_info[url:%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html,browser:Chrome,referrer:direct,device:desktop,lifetime:0,browser_version:Chrome%20110,user_type:new,returned:new,domain:www.onlinepc.ch,cdn_version:5,user_agent:Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML_%20like%20Gecko)%20Chrome/110.0.5481.177%20Safari/537.36,language:de-CH,page:Fake-Website%20der%20AHV%20will%20Kreditkartendaten%20-%20onlinepc.ch,author:%D0%91%D0%B5%D0%B7%20%D0%B0%D0%B2%D1%82%D0%BE%D1%80%D0%B0,category:INTERNET,reference_time:69]&s=c87b9d010dbc36f1c2f824e707e8cb2d&1677152706805
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/oLDUTwtgFj1C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.40.114.52 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.52.114.40.188.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:06 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022102&jk=681621976889299&bg=!hIelh9PNAAZYlHKzeJQ7ADkAdvg8WsWeQEMpVzCbB-JDvtBH_mP_2qYcJUGreD3HL_0Q0JlQMUtMiu6ZHGsd3zL-_CB7SUL2IiwCAAAA7FIAAAAKaAEHmQKlTxCXP50ZLuUW0MDEio7E91vX_DKySlz3immoe-kjZCakbFXMMalCohnDdtcMAj_31MIUA2nJM9L8c4WzVu1pViehk9wbsPx7_V18rwysu-roNy6XdeFdZlITXYlxW6zMK1xzWjXhNqRXJoRQ3lYWtTGmax8XNZGVkn4LKFLwW02GxGkBQkKUOi1M5UxxUMx_ghH3IopVxTxkw6WiNfv5nZdwJ-beYgDr9nQPwU_SLsfBv-rGUq1239UI3NkJmZpgIHXf7qXodVLl8vSM1ubi4xAwj98tbJWcEstaKdsLdaPe9s5Ey8T2v26XtPNoIpf1FbdHw21lWSSUbhqaJJwGI1jsfyNCr0Xt81j12FvX2Qf-AXAo069Ngx11dLD-95WZGqTOfz0znq8ymhC4lC3kT_dSI9SyFvuzUnjFPQlmw92fu-H-TVdMGkBqLpW3vTiPrUHyVf26TxyBI8INeAAHV4GFnt2L5i_Hp9etrligNuaij16VO9_C3fnAIj_MxyOdyeH1dB1t7GZkImePZXH3XLQPOAUW9JM9M48W8ZKicQsZlFxwM_fyvd0QHHt0KeFzo9PV6njpgim-nJNIfA3GF2DK_-PV5GsKrkUPi2dFOHrd4d3UzXgZTKU3DguZ_8uAKM-jdgj_Cpl1oPFoT5RcWYcZRWBoT2NTZvPerH7p3lpA_W1iaX6rjRrwD160-AlojspRHpW9L1gPs0yFQM3-31rvc9uygO9lbQj4TBVIzto7PcFhMB2NgfnV20D01u4Z2WbuAneaygeUPcsdcF3tNDpTGwhCHutOA1wZl2dHQy7jeH-Xs4qrt34s3fDrUBfR2Gih5zfsm4iPksB81-PN6fkvnEwircT7TJD3z9Ip0luBVcT4GvfrWCWXeqCk8fOMtleml7I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers
track
st.pubmatic.com/ Frame C609 		0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1677152707&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 59A5 		1 KB
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2af1ccba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f0961b5825191738445c0d25df8db12b5c2c21862e6002a422d8e8cf70a8538e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:07 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
651
expires
Thu, 23 Feb 2023 11:45:07 GMT
track
st.pubmatic.com/ Frame 59A5 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1677152706&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 3E22 		158 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86cf58fa31f5a67cf2cf73c1804d0d2b3c86c6c8a1461ff7caa0f989f0cf02c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:07 GMT
content-encoding
gzip
last-modified
Tue, 10 Jan 2023 05:38:16 GMT
server
Apache
etag
"27981-5f1e24a67517b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38153
showad.js
ads.pubmatic.com/AdServer/js/ Frame 6D67 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=143135
content-encoding
gzip
content-length
13968
content-type
text/html
date
Thu, 23 Feb 2023 11:45:07 GMT
expires
Sat, 25 Feb 2023 03:30:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3E22 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:07 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143135
accept-ranges
bytes
content-length
13968
expires
Sat, 25 Feb 2023 03:30:42 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 6D67 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26177392&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
3ca3af39055b0c3892b638cef15362a4407dd28cba15a5d2f7cc246f67fe28e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Feb 2023 11:45:07 GMT
content-length
2011
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 9B0C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi
42 B
421 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Thu, 23 Feb 2023 11:45:07 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
dcm
aax-eu.amazon-adsystem.com/s/ Frame D092
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Feb 2023 11:45:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
23J4ASF1GBWYBF67Z3Q2

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Thu, 23 Feb 2023 11:45:07 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
YC1YS2MHPH44VSDBRKV6
Pug
simage2.pubmatic.com/AdServer/ Frame 952A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5361429147399700336&gdpr=0&gdpr_consent=
42 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5361429147399700336&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
2bcbc456-94eb-426a-aeb4-64abe1d40a95
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Feb 2023 11:45:07 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5361429147399700336&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
/
dsp.adfarm1.adition.com/cookie/ Frame F620 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame EFC5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WQSRHpcoSjJ-bEmIiYCmplFfBSQ&gdpr=0&gdpr_consent=
42 B
400 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WQSRHpcoSjJ-bEmIiYCmplFfBSQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Feb 2023 11:45:07 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=WQSRHpcoSjJ-bEmIiYCmplFfBSQ&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 30BC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-dRwwAJG9ktRAAb&gdpr=1&gdpr_consent=&_test=Y-dRwwAJG9ktRAAb
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-dRwwAJG9ktRAAb&gdpr=1&gdpr_consent=&_test=Y-dRwwAJG9ktRAAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Feb 2023 11:45:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 23 Feb 2023 11:45:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y-dRwwAJG9ktRAAb&gdpr=1&gdpr_consent=&_test=Y-dRwwAJG9ktRAAb
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn-etou8220053-HHN
x-timer
S1677152707.434728,VS0,VE0
rtset
bh.contextweb.com/bh/ Frame 4003
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCa1owN0g3cVFBQUNMaTdCcFlBdw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABkZ07H7qQAACLi7BpYAw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
0
0
info2
uipglob.semasio.net/pubmatic/1/ Frame 6D67
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Server
77.243.60.138 Norresundby, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:09 GMT
frontend-id
13
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:09 GMT
frontend-id
11
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 6D67 		95 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:07 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
79dfb6a4c8c839e0-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 6D67
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D
  • https://a.audrte.com/p
0
0
ids
idsync.frontend.weborama.fr/ Frame 6D67
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=263422443
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
via
1.1 google
last-modified
Thu, 23 Feb 2023 11:45:07 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D
date
Thu, 23 Feb 2023 11:45:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 6D67
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0accbe7a-1bb8-4173-a569-36cabf0998ca&gdpr=&gdpr_consent=&gdpr_pd=
1 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0accbe7a-1bb8-4173-a569-36cabf0998ca&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0accbe7a-1bb8-4173-a569-36cabf0998ca&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 23 Feb 2023 11:45:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame 6D67 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:07 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6D67 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:06 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 3E22 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,&us_privacy=&cb=1677152707201&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.onlinepc.ch%252Finternet%252Fsicherheit%252Ffake-website-ahv-kreditkartendaten-2842631.html&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.onlinepc.ch%252Finternet%252Fsicherheit%252Ffake-website-ahv-kreditkartendaten-2842631.html&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-2-23%2011:45:7&ranreq=0.6561223969956052&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152705483,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:07 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.onlinepc.ch
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
track
st.pubmatic.com/ Frame 3E22 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1677152708&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
track
st.pubmatic.com/ Frame 59A5 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1677152707&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
i
vid-io-sin.springserve.com/vd/ Frame 59A5 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=f48c2ca1&ps_id=356921&event=js_opportunity&time_on_page=3&num_bq_pt=2&num_dt_pt=2&timestamp=1677152707823&ip=146.20.132.205&_disyn=1&ssid=50ae3614-80d8-4d90-b4c0-25c0ab1f01af.1677152705483&uuid=f48c2ca1-ce30-4d10-8cb3-4a99fdaeba64&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&did=af20f59f-56e5-99e8-0130-b8da3caca79b&_rcc=bs.89820_vp.89182&d=onlinepc.ch&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&a_cc=s.356921&d_m=www.onlinepc.ch&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=7118486
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.1.245 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-1-245.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 11:45:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-cle.springserve.com/vd/ Frame 59A5 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-cle.springserve.com/vd/i?suuid=f48c2ca1&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=40&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=1&timestamp=1677152707823&ip=146.20.132.205&_disyn=1&ssid=50ae3614-80d8-4d90-b4c0-25c0ab1f01af.1677152705483&uuid=f48c2ca1-ce30-4d10-8cb3-4a99fdaeba64&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&did=af20f59f-56e5-99e8-0130-b8da3caca79b&_rcc=bs.89820_vp.89182&d=onlinepc.ch&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.onlinepc.ch&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5047177
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.109.236 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-109-236.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 11:45:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 59A5 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=f48c2ca1&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=1&creative_type=JS_VPAID&_t1=1&timestamp=1677152707823&ip=146.20.132.205&_disyn=1&ssid=50ae3614-80d8-4d90-b4c0-25c0ab1f01af.1677152705483&uuid=f48c2ca1-ce30-4d10-8cb3-4a99fdaeba64&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&did=af20f59f-56e5-99e8-0130-b8da3caca79b&_rcc=bs.89820_vp.89182&d=onlinepc.ch&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.onlinepc.ch&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=3564629
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.50.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-50-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 11:45:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 59A5 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=f48c2ca1&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.437974&dtidx=1&cc_i=0&response_time=932&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=1&timestamp=1677152707823&ip=146.20.132.205&_disyn=1&ssid=50ae3614-80d8-4d90-b4c0-25c0ab1f01af.1677152705483&uuid=f48c2ca1-ce30-4d10-8cb3-4a99fdaeba64&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&did=af20f59f-56e5-99e8-0130-b8da3caca79b&_rcc=bs.89820_vp.89182&d=onlinepc.ch&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.onlinepc.ch&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1649229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.1.245 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-1-245.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 11:45:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 59A5 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=f48c2ca1&ps_id=356921&event=cm_js_demand_req_resp&a_cc=s.356921-d.455568&dtidx=2&cc_i=0&response_time=23&wrapper_count=0&has_ad=true&timeout=false&vv=2.0&dtype=2&_t1=2&timestamp=1677152707823&ip=146.20.132.205&_disyn=1&ssid=50ae3614-80d8-4d90-b4c0-25c0ab1f01af.1677152705483&uuid=f48c2ca1-ce30-4d10-8cb3-4a99fdaeba64&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&did=af20f59f-56e5-99e8-0130-b8da3caca79b&_rcc=bs.89820_vp.89182&d=onlinepc.ch&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.onlinepc.ch&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=1031628
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.50.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-50-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 11:45:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-sin.springserve.com/vd/ Frame 59A5 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-sin.springserve.com/vd/i?suuid=f48c2ca1&ps_id=356921&event=js_demand_opportunity&a_cc=s.356921-d.455568&dtidx=2&cc_i=0&response_time=0&creative_type=JS_VPAID&_t1=2&timestamp=1677152707823&ip=146.20.132.205&_disyn=1&ssid=50ae3614-80d8-4d90-b4c0-25c0ab1f01af.1677152705483&uuid=f48c2ca1-ce30-4d10-8cb3-4a99fdaeba64&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&did=af20f59f-56e5-99e8-0130-b8da3caca79b&_rcc=bs.89820_vp.89182&d=onlinepc.ch&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.onlinepc.ch&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5991169
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.1.245 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-1-245.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 11:45:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 59A5 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=f48c2ca1&ps_id=356921&event=js_demand_error&a_cc=s.356921-d.455568&dtidx=2&cc_i=0&response_time=669&reason=%7B%22errorLevel%22%3A1%2C%22pmErrorCode%22%3A198%2C%22iabErrorCode%22%3A1&timeout=false&creative_type=JS_VPAID&vec=901&_t1=2&timestamp=1677152707823&ip=146.20.132.205&_disyn=1&ssid=50ae3614-80d8-4d90-b4c0-25c0ab1f01af.1677152705483&uuid=f48c2ca1-ce30-4d10-8cb3-4a99fdaeba64&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&did=af20f59f-56e5-99e8-0130-b8da3caca79b&_rcc=bs.89820_vp.89182&d=onlinepc.ch&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&d_m=www.onlinepc.ch&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5168574
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.50.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-50-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 11:45:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
i
vid-io-iad.springserve.com/vd/ Frame 59A5 		43 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid-io-iad.springserve.com/vd/i?suuid=f48c2ca1&ps_id=356921&event=js_supply_error&time_on_page=1669&reason=NO_FILL&timeout=false&timestamp=1677152707823&ip=146.20.132.205&_disyn=1&ssid=50ae3614-80d8-4d90-b4c0-25c0ab1f01af.1677152705483&uuid=f48c2ca1-ce30-4d10-8cb3-4a99fdaeba64&url=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&did=af20f59f-56e5-99e8-0130-b8da3caca79b&_rcc=bs.89820_vp.89182&d=onlinepc.ch&w=400&h=225&cc=US&dtnum=2&ss_region=pdx&a_cc=s.356921&d_m=www.onlinepc.ch&d_ms=d_wla&ds_w=400&ds_h=225&ds_ms=client&in_v=0&cb=5695188
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.50.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-50-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 11:45:08 GMT
access-control-allow-credentials
true
server
nginx
content-length
43
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
track
st.pubmatic.com/ Frame 59A5 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1677152706&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:08 GMT
server
nginx
t
t.lkqd.net/ Frame 9F9D 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.onlinepc.ch
date
Thu, 23 Feb 2023 11:45:08 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
st.pubmatic.com/ Frame 59A5 		0
0
ad
v.lkqd.net/ Frame CC9C 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1138444&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60390%2C1%2C&c4=true&c5=&c6=60390&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=92732027&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
35d27195be909465f0ef9d4196dcda5fc8058066c48aa5dbb2114d1699b089e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:09 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1470
vpaid.js
ad.lkqd.net/vpaid/ Frame 82AB 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:09 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1677152709.cds258.fr8.hn,1677152709.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 5025 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Thu, 23 Feb 2023 11:45:09 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1677152709.cds258.fr8.hn,1677152709.cds288.fr8.c
ad
v.lkqd.net/ Frame 82AB 		66 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1138444&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60390%2C1%2C&c4=true&c5=&c6=60390&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=92732027&m=&rtv=1&thost=www.onlinepc.ch
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
014de95d9717d9c2b1e8dfd437384389c3db917a9e317cf7da90185245338873

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Feb 2023 11:45:10 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
4857
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1138444&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C60390%2C1%2C&c4=true&c5=&c6=60390&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&c18=&c19=true&rnd=92732027&m=&rtv=1&thost=www.onlinepc.ch
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
date
Thu, 23 Feb 2023 11:45:09 GMT
server
nginx
cs
cs.lkqd.net/ Frame 5025
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7045801d-afea-4f8b-9c8e-fc47d5ee27bb
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7045801d-afea-4f8b-9c8e-fc47d5ee27bb
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7045801d-afea-4f8b-9c8e-fc47d5ee27bb
date
Thu, 23 Feb 2023 11:45:09 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 5025 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 5025 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 5025
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3168208187826533569
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3168208187826533569
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3168208187826533569
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 5025
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WQSRHpcoSjJ-bEmIiYCmplFfBSQ
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WQSRHpcoSjJ-bEmIiYCmplFfBSQ
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.128.170 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:09 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=WQSRHpcoSjJ-bEmIiYCmplFfBSQ
Date
Thu, 23 Feb 2023 11:45:09 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame D537 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.onlinepc.ch
date
Thu, 23 Feb 2023 11:45:09 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:09 GMT
server
nginx
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C7103465933476923556567948017,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.40.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-40-157.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:10 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C34769235565679480171705297287,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Feb 2023 11:45:10 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.onlinepc.ch
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1677152710051033-568
Expires
Thu, 23 Feb 2023 11:45:10 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
916 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C34769235565679480171878680656%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c172620e965eabb11eb6e4584f4309b1991624389c685990d2efdbfec691b739

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:10 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
671
expires
Thu, 23 Feb 2023 11:45:10 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C34769235565679480171096548142%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aabe761bfd19201c792834044c67006d85595e154f5d70dbbd4c203af7fd82c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:10 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
672
expires
Thu, 23 Feb 2023 11:45:10 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C34769235565679480171424179542%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
15978da181c417fe0a611e445ab3acc5240a855df30800e929b6b016c0e93716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:10 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
672
expires
Thu, 23 Feb 2023 11:45:10 GMT
vadtag.html
vpaid.pubmatic.com/ads/video/ 		1 KB
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0%2C1%21vidoomy.com%2C60390%2C1%2C16757052523476923556567948017%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
81d07b57cafc6698a2e6fda943feae354a1fe745cfc074553e3f4aa097f74610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.onlinepc.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:10 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
672
expires
Thu, 23 Feb 2023 11:45:10 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:10 GMT
server
nginx
t
t.lkqd.net/ Frame D537 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.onlinepc.ch
date
Thu, 23 Feb 2023 11:45:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
truncated
/ Frame 82AB 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
vpaid_2af1ccba.js
vpaid.springserve.com/production/ Frame 97C7 		510 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.springserve.com/production/vpaid_2af1ccba.js
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2017:5200:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcf8f347aba80b770b545d65de5ce91176d286271173eb6792024531b607e4ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 19:03:16 GMT
content-encoding
br
via
1.1 28e5a05285f99582aabd539b43e9b668.cloudfront.net (CloudFront)
last-modified
Tue, 21 Feb 2023 18:56:38 GMT
server
AmazonS3
x-amz-cf-pop
OTP50-C1
age
146515
etag
W/"7870c654546682712f0f3a21423db286"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2678400
x-amz-cf-id
ALPFb8jRfmCHdUPiy1Tif_OqAGRkT3ccLFhw4iY-OaDmk6sjqihmrg==
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 97C7 		1 KB
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2af1ccba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
21daecd8e361e79137e8773e55082b25bb31defdc385e2405f7e58a06228b1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:10 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
651
expires
Thu, 23 Feb 2023 11:45:10 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 7633 		158 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86cf58fa31f5a67cf2cf73c1804d0d2b3c86c6c8a1461ff7caa0f989f0cf02c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:10 GMT
content-encoding
gzip
last-modified
Tue, 10 Jan 2023 05:38:16 GMT
server
Apache
etag
"27981-5f1e24a67517b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38153
showad.js
ads.pubmatic.com/AdServer/js/ Frame E354 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=143132
content-encoding
gzip
content-length
13968
content-type
text/html
date
Thu, 23 Feb 2023 11:45:10 GMT
expires
Sat, 25 Feb 2023 03:30:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7633 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:10 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143132
accept-ranges
bytes
content-length
13968
expires
Sat, 25 Feb 2023 03:30:42 GMT
t
t.lkqd.net/ Frame D537 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.onlinepc.ch
date
Thu, 23 Feb 2023 11:45:10 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.189 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.onlinepc.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
https://www.onlinepc.ch
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 23 Feb 2023 11:45:10 GMT
server
nginx
PugMaster
image6.pubmatic.com/AdServer/ Frame E354 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81785368&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
74149e914df2e2a4c52ccecb892bcfb48cef3dee518717ace8ffb9fee632988c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Feb 2023 11:45:10 GMT
content-length
1785
content-type
text/html; charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 7633 		27 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,&us_privacy=&cb=1677152710341&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.onlinepc.ch%252Finternet%252Fsicherheit%252Ffake-website-ahv-kreditkartendaten-2842631.html&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.onlinepc.ch%252Finternet%252Fsicherheit%252Ffake-website-ahv-kreditkartendaten-2842631.html&vwndref=&vc=2&js=1&sec=1&kltstamp=2023-2-23%2011:45:11&ranreq=0.43053292526969167&timezone=0&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:11 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.onlinepc.ch
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
Pug
simage2.pubmatic.com/AdServer/ Frame 84D5
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 23 Feb 2023 11:45:11 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 23 Feb 2023 11:45:11 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 7C89 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Feb 2023 11:45:11 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-74a6893c95d9@version_1.536v2
X-core-time
1ms
X-server-arch
v2
cm
ipac.ctnsnet.com/int/ Frame 0EF8 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Thu, 23 Feb 2023 11:45:10 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
i.match
a.tribalfusion.com/ Frame F3C6 		0
0
pub
matching.truffle.bid/sync/ Frame E8C7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.40.26 -, , ASN (),
Reverse DNS
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Thu, 23 Feb 2023 11:45:11 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
RX-43855d9c-8a77-423d-8e28-eac1cff793a6-003
sync.targeting.unrulymedia.com/csync/ Frame 5952
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1677152711345
  • https://ad.turn.com/r/cs?pid=45&rndcb=2115861727
  • https://sync.1rx.io/usersync/turn/3168208187826533569?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-43855d9c-8a77-423d-8e28-eac1cff793a6-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 8033 		0
0
qmap
sync.crwdcntrl.net/ Frame E354 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.76.249 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:11 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.230
content-length
49
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame E354
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8919b7d8-78e1-4a67-aee4-30876089e014&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8919b7d8-78e1-4a67-aee4-30876089e014&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 23 Feb 2023 11:45:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8919b7d8-78e1-4a67-aee4-30876089e014&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 23 Feb 2023 11:45:11 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame E354
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3168208187826533569&gdpr=0&gdpr_consent=&us_privacy=
1 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3168208187826533569&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Feb 2023 11:45:10 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3168208187826533569&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:11 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
getuid
secure.adnxs.com/ Frame E354
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
0
0
track
st.pubmatic.com/ Frame 7633 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1677152711&wa=0&vadsId=-1&e=95&isAk=0&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
vadtag.html
vpaid.pubmatic.com/ads/video/ Frame 97C7 		1 KB
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Requested by
Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_2af1ccba.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f05294fb373b8d309e0c0fcd947e6a1eb28aa51359dad9423ffa0fd28880dc1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 11:45:11 GMT
content-encoding
gzip
server
Apache
etag
"23da-5e7fbf52c16e8-gzip"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.onlinepc.ch
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
651
expires
Thu, 23 Feb 2023 11:45:11 GMT
track
st.pubmatic.com/ Frame 97C7 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1677152710&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.221 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 23 Feb 2023 11:45:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame F194 		158 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
86cf58fa31f5a67cf2cf73c1804d0d2b3c86c6c8a1461ff7caa0f989f0cf02c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:11 GMT
content-encoding
gzip
last-modified
Tue, 10 Jan 2023 05:38:16 GMT
server
Apache
etag
"27981-5f1e24a67517b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
38153
showad.js
ads.pubmatic.com/AdServer/js/ Frame E0FE 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=143131
content-encoding
gzip
content-length
13968
content-type
text/html
date
Thu, 23 Feb 2023 11:45:11 GMT
expires
Sat, 25 Feb 2023 03:30:42 GMT
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame F194 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr==&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.onlinepc.ch%2Finternet%2Fsicherheit%2Ffake-website-ahv-kreditkartendaten-2842631.html&schain=1.0,1!vidoomy.com,60390,1,1677152709773,,
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 11:45:11 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=143131
accept-ranges
bytes
content-length
13968
expires
Sat, 25 Feb 2023 03:30:42 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E0FE 		451 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86169700&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bbae93786ebab7b10b32784ff6b4712650ff1c08141ae3986f02c9a2ffb8290b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Feb 2023 11:45:10 GMT
content-length
451
content-type
text/html; charset=UTF-8
bridge
cm.adgrx.com/ Frame 103D 		0
0
cm
green.erne.co/pubmatic/ Frame B75F 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 304C
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FEBE5E88D0C843DE8AD00049B4C96925&gdpr=0&gdpr_consent=
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onlinepc-ssl.wemfbox.ch
URL
https://onlinepc-ssl.wemfbox.ch/cgi-bin/ivw/CP/internet?r=&d=13953.746542741397&x=1600x1200
Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b512174030938010/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D
Domain
dsp.adfarm1.adition.com
URL
https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABkZ07H7qQAACLi7BpYAw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0
Domain
a.audrte.com
URL
https://a.audrte.com/p
Domain
st.pubmatic.com
URL
https://st.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1677152707&wa=0&e=96&ier=901&vadsId=[ADSERVINGID]
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-43855d9c-8a77-423d-8e28-eac1cff793a6-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-43855d9c-8a77-423d-8e28-eac1cff793a6-003
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
green.erne.co
URL
https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FEBE5E88D0C843DE8AD00049B4C96925&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 boolean| credentialless function| $ function| jQuery function| DP_jQuery_1677152703472 object| test_data object| BKS object| BKSDebug function| BKSFlex function| BKSHoverTeaser function| BKSMehrWeniger function| BKSNavbar function| BKS_init string| simple_form_id string| extended_form_id function| copy_simple_query_input_to_extended_query_all_input function| copy_treenode_filter_to_extended_form object| jQuery18202445706776857295 object| cookieconsent object| FB object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing boolean| canRunAds object| _gscq string| NETMX number| abpuser string| abpuser_dimension string| GoogleAnalyticsObject function| ga object| dataLayer object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal string| suche_ajax_url boolean| use_test_data number| ioc67fv function| _io_get_random_int function| _io_track_tags function| _io_track_exception_new function| _io_track_exception function| _io_reference_time function| _io_reference_time_many function| _io_track_uniques_new function| _io_track_uniques_holding function| _io_track_uniques function| _io_push_previous_page function| _io_track_time function| _io_cookie_end_day function| _io_getCookie function| _io_setCookie function| _io_get_properties function| _io_push_utm_data function| _io_same_host function| _io_page function| _io_author function| _io_get_page_type function| _io_device function| _io_start_page function| _io_referrer_group function| _io_source_for_referrer function| _io_meta function| _io_referrer function| _io_lifetime function| _io_track_queue function| _io_browser function| _io_last_visit function| _io_user_type function| _io_track_readability_on_scroll object| _io_foot_object function| _io_track_read function| _io_decode_escape_sequence function| _io_track function| _io_track_to_holding function| _io_track_once function| _io_track_once_k function| _io_track_batch function| _io_slice_delete function| _io_slice_push function| _io_search_get_parameter function| _io_query_to_array function| _io_slice_get function| _io_url_utm_replace function| _io_unique_action function| _io_slice_value_prepare function| _io_element_traverse function| _io_slice_language function| _io_galery_pageviews function| _io_pv_ajax_detect function| _io_user function| _io_init_ajax function| _io_get_browser_version function| _io_push_previous_author function| _io_push_previous_post_id function| _io_get_previous_post_id function| _io_debug function| _io_slice_set function| _io_replace_to_html function| _io_get_video_api function| _io_track_youtube_video function| _io_track_html5_video function| _io_track_jwplayer_video function| _io_cookie_match function| _io_cookie_indexOf function| _io_cookie_set_value function| _io_get_location object| _io_slices object| _io_livelistener function| _io_t object| _ioT function| _io_load_page_content function| _io_debug_on function| _io_debug_off function| _io_is_debug function| _io_dev_mod_on function| _io_dev_mod_off function| _io_is_dev_mod function| _io_qsafe function| _io_in_array function| _io_intercept_ajax function| _io_loadCDN function| _io_clone_object object| _io_parse function| _io_q function| _io_qa function| _io_for object| _io_location function| _io_block_tracking_new object| ioEndless object| ioGallery object| _io_getAuthorFrom function| _io_track_reference_time function| _io_postmessage_listen function| _io_track_traffic_quality object| _io_video_tracker string| _io_url_track_slice undefined| _io_previous_page_exp number| _io_depth string| _io_user_id string| user_status function| _io_start_page_url boolean| _io_widget_hash string| disqus_shortname string| disqus_identifier string| disqus_title string| disqus_url object| __buffer object| gaplugins object| gaData object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| teads_analytics object| teadsscript function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config function| setUpObserver function| addForceClose function| callPlayers function| __tcfapi_8928924878912 object| vpaidLoader string| _io_uniques_holing_params number| audienzzCheck object| audienzz string| addthis_services_loc string| addthis_services_loc_mob object| addthis_translations object| YK object| YKConf object| Jaml function| hideYK function| fadeOutYK function| fadeOutYK2 function| setOpacityYK function| fadeYK function| fadeInYK function| ykShow function| ykHide function| getElm boolean| __@@##MUH object| teads boolean| _io_test_track function| disqus_config object| DISQUS boolean| obMonitorLocalstorageCleaned object| vmConsentCookieFinder function| xDomainCookie object| VM object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| regeneratorRuntime boolean| __v5k function| vl_cB function| vl_disable function| vglnk_16771527056176 object| vglnk object| YIELDLINK object| YIELDWORD string| request object| img object| iframe string| lang object| _io_widget object| _io_blocks_view_track object| results number| time_read object| GoogleGcLKhOms undefined| vglnk_16771527061627 undefined| vglnk_16771527062929 boolean| _io_finished object| google_image_requests string| linkDomain

78 Cookies

Domain/Path Name / Value
www.onlinepc.ch/internet/sicherheit Name: vidyk
Value: 1
www.onlinepc.ch/internet/sicherheit Name: svidyk
Value: 1
www.onlinepc.ch/ Name: __io_lv
Value: 1677152703732
www.onlinepc.ch/ Name: __io_uid_test
Value: 6
www.onlinepc.ch/ Name: __io
Value: 598b2d04d.30400843e_1677152703733
.www.onlinepc.ch/ Name: _io_un
Value:
.onlinepc.ch/ Name: _io_un
Value:
www.onlinepc.ch/ Name: _io_un
Value: 23
.onlinepc.ch/ Name: _ga
Value: GA1.2.59556593.1677152704
.onlinepc.ch/ Name: _gid
Value: GA1.2.796581085.1677152704
.onlinepc.ch/ Name: _gat
Value: 1
.tt.onthe.io/ Name: io_uid6360bc465d234fd64f819d34a25bf7ff
Value: 23
.tt.onthe.io/ Name: io_user_hash
Value: 598b2d04d.30400843e_1677152703733
www.onlinepc.ch/ Name: __atuvc
Value: 1%7C8
www.onlinepc.ch/ Name: __atuvs
Value: 63f751c0a4235a47000
.onlinepc.ch/ Name: __gads
Value: ID=3683e23af55ac4b0:T=1677152703:S=ALNI_MYH3HqVoPuXGUVuIBdxAOcdviypew
.onlinepc.ch/ Name: __gpi
Value: UID=00000bbb0a1323e7:T=1677152703:RT=1677152703:S=ALNI_MblSB6sVsR5zWuO9X_IkE6bQV7hwQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnbIc5LGcOHsYkt8w8hiKDUAmlfJB0Zk32JVq3JAgwxcejsux3CWos6ISWs1WU
.addthis.com/ Name: uvc
Value: 1%7C8
.adnxs.com/ Name: uuid2
Value: 5361429147399700336
.bidswitch.net/ Name: tuuid
Value: 0accbe7a-1bb8-4173-a569-36cabf0998ca
.bidswitch.net/ Name: c
Value: 1677152704
.bidswitch.net/ Name: tuuid_lu
Value: 1677152704
.ads.stickyadstv.com/ Name: UID
Value: 8faa6410cb7d7c8572a58b8fd184d8c
.addthis.com/ Name: loc
Value: MDAwMDBFVURFTlcyMzEyMTg3MTAwMjAwMDBDSA==
.adnxs.com/ Name: icu
Value: ChgIrtFMEAoYAiACKAIwwKPdnwY4AkACSAIQwKPdnwYYAQ..
.mathtag.com/ Name: uuid
Value: f26263f7-51c0-4500-819d-04b3237daec0
.turn.com/ Name: uid
Value: 3168208187826533569
.api.adnz.co/ Name: adnzVisitorId
Value: 8334995570205483040
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjBhY2NiZTdhLTFiYjgtNDE3My1hNTY5LTM2Y2FiZjA5OThjYSIsImV4cGlyZXMiOjE2Nzk3NDQ3MDV9fX0=
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5904911e-9728-4a32-7e6c-49888980a6a6.rVkMz%2BIRa47vEpO7Uosa0dmGdt31d%2FClRDmnrk76FB0
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AWQSRHpcoSjJ-bEmIiYCmplFfBSQ.a0XnCfLAJIPQKYihpCyWrQbMt9JmR%2Btrivt8z7Lj%2FpM
xd.adnz.co/ Name: adnzVisitorId
Value: 8334995570205483040
.ads.stickyadstv.com/ Name: pxId
Value: 7169
www.onlinepc.ch/ Name: _io_s
Value: 1
.rubiconproject.com/ Name: khaos
Value: LEH1F1ZX-16-1008
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3MuYwW3hdD/wrDf4jKkIRTHRlDr0gOYsghL4EcqWEmd5aB+j6fr8oKNTib78Uph9kpOSjnOu+eDpsB1toNd2PA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D
.fiftyt.com/ Name: fifid
Value: d677ac30-d982-40dd-59b4-954aec2c2e62
.fiftyt.com/ Name: cs
Value: MTY3NzE1MjcwNnxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fBJSDLW1YqK5hKcH8gw-n-PK72ObRX3CzAzyVmzb4VcL
.fiftyt.com/ Name: fppm
Value: 20230223114506
.simpli.fi/ Name: suid
Value: FEBE5E88D0C843DE8AD00049B4C96925
.yahoo.com/ Name: A3
Value: d=AQABBMJR92MCEG8Mwl-ggyhQmfjP69fSUQoFEgEBAQGj-GMBZAAAAAAA_eMAAA&S=AQAAAieB9BwyFp_Wd0lxsLPBiJA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:f26263f7-51c0-4500-819d-04b3237daec0&KRTB&16736-uid:f26263f7-51c0-4500-819d-04b3237daec0&KRTB&23019-uid:f26263f7-51c0-4500-819d-04b3237daec0&KRTB&23114-uid:f26263f7-51c0-4500-819d-04b3237daec0
.adform.net/ Name: C
Value: 1
.de17a.com/ Name: guid
Value: 1.6963015184779666125
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2a5n
.adform.net/ Name: uid
Value: 1772418508129252778
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-1772418508129252778&KRTB&23263-1772418508129252778
.onaudience.com/ Name: cookie
Value: b512174030938010
.onaudience.com/ Name: done_redirects161
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6963015184779666125
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEC41hO-fBeqGcIDqrv8s00I&KRTB&22987-CAESEC41hO-fBeqGcIDqrv8s00I&KRTB&23025-CAESEC41hO-fBeqGcIDqrv8s00I&KRTB&23386-CAESEC41hO-fBeqGcIDqrv8s00I
.pubmatic.com/ Name: SPugT
Value: 1677152705
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: pp
Value: 156498
.pubmatic.com/ Name: PMDTSHR
Value: cat:
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1678320000%3A197_219_221_201_226_227_235_241
.pubmatic.com/ Name: SyncRTB3
Value: 1678320000%3A166_220_71_54_8_251_21_55_161_3_233_22_13_7_56%7C1677715200%3A223_15%7C1678406400%3A35%7C1677974400%3A63%7C1679702400%3A203
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5361429147399700336&KRTB&23339-5361429147399700336
.quantserve.com/ Name: d
Value: EMYBCwGuKPijAA
.quantserve.com/ Name: mc
Value: 63f751c3-4edff-cea48-56292
.weborama.fr/ Name: AFFICHE_W
Value: y4AWry59FnDL73
.zeotap.com/ Name: zc
Value: 91a6e70b-de78-461e-7bbd-04d9b6cb9562
.rqtrk.eu/ Name: browser_id
Value: 1:7f689592-805b-443e-97fc-e390d9274c5a
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi&KRTB&19420-NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi&KRTB&22979-NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi&KRTB&23403-NiFcjTUjWYktJl_eZnQX2WVzDoItJwyIOSBzgHxi
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-0accbe7a-1bb8-4173-a569-36cabf0998ca
.pubmatic.com/ Name: PugT
Value: 1677152706
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-WQSRHpcoSjJ-bEmIiYCmplFfBSQ&KRTB&23334-WQSRHpcoSjJ-bEmIiYCmplFfBSQ&KRTB&23417-WQSRHpcoSjJ-bEmIiYCmplFfBSQ&KRTB&23426-WQSRHpcoSjJ-bEmIiYCmplFfBSQ
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y-dRwwAJG9ktRAAb
.bidr.io/ Name: bito
Value: AABkZ07H7qQAACLi7BpYAw
.bidr.io/ Name: bitoIsSecure
Value: ok
.semasio.net/ Name: SEUNCY
Value: DA1820A20153AEB4
.amazon-adsystem.com/ Name: ad-id
Value: A_Bl5iI9mEaqufUjGdq7Vg4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.csync.loopme.me/ Name: viewer_token
Value: 7045801d-afea-4f8b-9c8e-fc47d5ee27bb

4 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022102.js?cb=31072624, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://onlinepc-ssl.wemfbox.ch/cgi-bin/ivw/CP/internet?r=&d=13953.746542741397&x=1600x1200
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=E8D8E570-B9B4-4EF2-A7E2-2C8CD305474D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

65ca03a27a67da26bde4694b729e8ad8.safeframe.googlesyndication.com
9f905641ea9cf2112ec71d0125f9622c.safeframe.googlesyndication.com
a.audrte.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.lkqd.net
ad.turn.com
adnz.co
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
ams3-ib.adnxs.com
api.adnz.co
at.teads.tv
aud.pubmatic.com
bh.contextweb.com
c.disquscdn.com
c1.adform.net
cdn.onthe.io
cdn.viglink.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
core.iprom.net
cr.frontend.weborama.fr
crcdn01.adnxs.com
cs.lkqd.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
disqus.com
dnlgm0m0r44nl.cloudfront.net
dsp.adfarm1.adition.com
ea3d0c385453ea37c6d816baec9d3394.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
green.erne.co
hades.srvtrck.com
i.srvtrck.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.intellitxt.com
ipac.ctnsnet.com
js.srvtrck.com
k.intellitxt.com
links.services.disqus.com
m.addthis.com
match.adsby.bidtheatre.com
match.adsrvr.org
matching.truffle.bid
mcdp-nydc1.outbrain.com
mwzeom.zeotap.com
odb.outbrain.com
onlinepc-ssl.wemfbox.ch
onlinepc.disqus.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
referrer.disqus.com
s7.addthis.com
search.srvtrck.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
st.pubmatic.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
t.lkqd.net
t.teads.tv
tcheck.outbrainimg.com
tpc.googlesyndication.com
tt.onthe.io
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
v1.addthisedge.com
vid-io-cle.springserve.com
vid-io-iad.springserve.com
vid-io-sin.springserve.com
vid.pubmatic.com
visitor.fiftyt.com
vpaid.pubmatic.com
vpaid.springserve.com
widget-pixels.outbrain.com
widgets.getsitecontrol.com
widgets.outbrain.com
ws.rqtrk.eu
www.google-analytics.com
www.google.com
www.googletagservices.com
www.onlinepc.ch
x.bidswitch.net
xd.adnz.co
z.moatads.com
a.audrte.com
a.tribalfusion.com
bh.contextweb.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
dsp.adfarm1.adition.com
green.erne.co
onlinepc-ssl.wemfbox.ch
s7.addthis.com
secure.adnxs.com
simage2.pubmatic.com
st.pubmatic.com
sync.crwdcntrl.net
sync.targeting.unrulymedia.com
t.lkqd.net
13.225.84.104
134.209.207.35
141.95.97.231
142.251.39.66
146.20.128.170
146.20.128.189
146.20.132.205
146.75.118.132
151.101.0.134
151.101.66.49
151.139.128.10
157.90.40.26
178.250.1.9
185.29.134.248
185.64.189.110
185.64.189.221
185.64.190.75
185.64.190.78
185.64.190.80
185.64.190.81
185.64.190.87
185.89.210.244
185.89.210.82
188.40.114.52
195.5.165.20
199.232.192.134
199.232.192.64
199.232.196.134
2.18.36.193
2.18.79.139
208.82.75.19
213.155.156.165
23.203.124.180
23.203.125.36
23.203.125.62
23.206.208.114
23.35.229.181
23.35.229.56
2400:52e0:1e00::1079:1
2600:9000:2017:5200:15:6f6c:b180:93a1
2600:9000:211a:e200:6:8656:f5c0:93a1
2606:4700:10::6816:1957
2606:4700:20::ac43:44e1
2606:4700::6813:a860
2606:4700::6813:a960
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c00::9a
2a00:1450:400d:802::200a
2a00:1450:400d:806::2002
2a00:1450:400d:808::2002
2a00:1450:400d:808::2004
2a00:1450:400d:80c::200e
2a02:fa8:8806:13::1370
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:d29:3601:d295:c4e8:8fc9:991a
3.126.56.137
3.19.54.139
3.222.50.168
3.33.220.150
34.111.129.221
34.111.131.239
34.193.119.217
35.186.193.173
35.201.96.126
35.204.74.118
35.214.223.115
37.157.5.141
46.228.164.11
52.208.76.249
52.21.182.101
52.222.174.62
52.28.194.209
52.38.109.236
52.58.40.157
52.59.131.191
52.76.1.245
52.94.220.185
65.9.66.21
69.192.161.152
70.42.32.223
77.243.60.138
92.123.36.4
95.217.0.30
98.98.134.241
014de95d9717d9c2b1e8dfd437384389c3db917a9e317cf7da90185245338873
023293746b599197936dc1c12fabc1f310c697a4cb330d3eea652468b9c322e7
032847763403de7c70cd79ece6446ca463e3228f171a92a285da989ea9d19971
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05512b3243270ffb35d8964b37293eb62b7ad4dcc79494555160eb37a690f8a2
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
05de4162e6f9e62152d9f1d28e0dcaf05bf73cadd468867c179fe6f02979d34b
068753b8f09b32ad8a3283199c7252090d0076a56924df724dda72828ae31b95
0782a52179d0e25f19c39b43253795b25787d65abdbd8bfa38be0f21a4512748
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0960280b6290ce6f7efc642d34e8fa7e6e3d297ff0c2199ccb4a594269275b27
0a2a96913a4e33f2f1795bf318e7c06c551e882d3b3392ca0136750466f9bcee
0db01a75a1aad08076ca94c9e2569a65fc90de3413a309ee9f995349a63a6233
10fe36278af5ec590acb10c83ed5f99e70a4f07943cd465402d24d42c4392153
113a1911ede3f6ac77fc3bb8de06c25cb88b9064d30283d5dbab4a39d7058501
120ba29ed579b0cda11cfbd53dacb62bb36054b3325eac927ecfaa44c5cf60a3
14884600e50a1b1674027761700ee08ef921fc9fed8e76945e73b5ff9b69b34e
14dbf9aba8c4d30029eef850b19a3f9527bc781404d7ca6b83d935d892161cb1
15978da181c417fe0a611e445ab3acc5240a855df30800e929b6b016c0e93716
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
1687b46329e28a6afe7bad32f34e753b276dd268e0679784b4da7fb8e00e465c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19692a61dcf1339eb382161e3b77b69a2987d652e202a16ee929eadeab190be1
1a226a94f169eabff113e070c5638dd8ac7697830a89ddc38cdd78a5c1a9e5ed
1ab347aba2bf89f1539fe9955ff85b7c7c98a3f3c9d3a5c288532104a72ebb1b
1cbf531b6b3aba1915e36df8341335686691fb510c35172f087d251da8b0fc58
21d7d499dee467b8317128fe33793e161f695df069b16cb69ba94208dc337f49
21daecd8e361e79137e8773e55082b25bb31defdc385e2405f7e58a06228b1ab
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2289b94b0f245d3078128fbdd2a5c59648ddd94ac1a7dd749b2375596ac8d562
23604d207127f6b1cb6b56f6a49b343f30dc1305e84db3f72e922008693b6d91
24004a5afee4a93d03dc240e348b9b61a46e8e2758a8a47bb8051596140c862c
2425c78aad6b94782694a0e7d68d09a11cf06bdd7d1481c1ea7dfbd00e4e9171
25aaad467cdcdd392c18289996c11934f2f75ad69cd6dbb445c3d0d27da469d3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
291f0bb62ad54d73908d72fada48a6cda614652f9060b4ab5e881abe34cc6822
29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2be2329c944bd20bcab9ef7ca1c4e1d3acf16f0599bcb5f759a20f99fe70c40e
2d3070eab0ce8f9c67b132be48b896e97135fe9e881aba5064baa2cc5e8588e6
2e62701a8960993b59b03e6845015081a12abe943bd2f1d08fed0260b0765a91
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
354d430ec0c10e1f936f1b49e7330c05577194ff48af3e74ea82b87d6630a6cc
35d27195be909465f0ef9d4196dcda5fc8058066c48aa5dbb2114d1699b089e1
3acdcd78319f96c517838464e5e5ea8a2c2450c288f15193f82965cc2a8541ca
3ca3af39055b0c3892b638cef15362a4407dd28cba15a5d2f7cc246f67fe28e6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e0e1da2207bbe6cd03d6f56eab64723dc872d00ad2b59f28994e0acb383d53
47a8dfabca2f8d1e2ec019f70dec67f914c4b5d8b392c4ac63610346b5f02f82
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
4bc8764e5970ae09d2e44535e34c70b69ab9046004024182363f0dc4563aa92e
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4cf72a9925ae071c1bf2a8ae662d3921f3bcaff6c8f8dc9578a8faba28ead7aa
4d33e3cdb43e5161aa88e911d45d5206b1f0b5cb5840dcfe262e5fa92504ec07
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edf8bccd2b5a6eac4427ca26047da43d47ea268483e7b06d4e870eff33f1123
518ae679102e86f7f239e7520c3cfa186bca295dd019714befcdf45d4b2038d2
543abeef28a44ee51ddf1544f0f97cc6d1f6167b5e5ed2d487f1046c72f6f5d0
54456556640a2a051e8222dc7e15f43dad3c80560b704b291bb2596d7c0be418
54704054973fcc83365416f45a3867ae94c536007cc30e6d227bff5bbdbebb9d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5599c90089f624e931b62e736d3d8d5026e3303b92e76fb17d0030c8b905c2ef
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aeccd2ca34fb7ba2049ac9a11d28598674c3edde575433bc28eb9ee70fe5180
5b71c19d595f3974e451b910169a56f63bce6a92f599d8aee536f2b8ce625449
5bb89190761d74983e9c9f7984657e05929702c0332f2ed5a5b4b6fd8ce067a4
5cd2e99083b8c16e96511189af9bd4e2aaf771ea3d62ffe756105c765019c243
5dcac0dfeb8ab048f8021531edaaf36ecb0a881dc0bd7ba88a15c85019a65b73
5e553520f6bdde8f4edfd998cce3583a4d4999de51e9b24208116b84b1a20fa8
5ef5073c6e8dcffe3f6e5c98082c0ff1e5f030aad0d0008d30e3140085c84917
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62decd6acca41ca95c6424e00f62f9955d4a1a1ab0696d73fba05eef988c19eb
657ce65f87e54b2a6c1bc0db7a92f6c8a5dfa40906a7da8b7a897741ff32d3bd
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
6816996e2b893f613c4e559569fef68d6e04597871446f3f2e42f80ba58c3765
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
6a3502f45cd580a77e61ac5eec75a7ea699c27e295596806b514d3a04d89165b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6d47ea57f6215c107b29113e794fb0c1246cf9a9684dc42df06e0037d9075b51
6dea4d5b3cac05a417c5a1f855bda842303ab1467932ba4c605473f42dc9b46f
72f0e247d50e9e97c2a112df8121a8d0ba1ddfe40212fd43228c8b7d3553de1f
74149e914df2e2a4c52ccecb892bcfb48cef3dee518717ace8ffb9fee632988c
74461248f0a3edd43acbe67fbd98bb8bc6f26bb6b2e8b948c4757724717bde5c
7516842ff556ff708e84893bf1006bf21e38f04a3374d64b64fb4db461b8c49c
77069383f7e84d1f76a6ff76b379121f39ac3bedc190cc0ed764c36b5daea6e2
78e28273ea4d562d76e1af653c76f12e919bb7e2062c372e8e8008dafd4bf8de
7980b26081745422d7913a06f939c1a2e4ccf1732eafac2e0ab903c9bc8a7d06
79f255c28e3abc6380e02331d96f471f6e7fcb8f8a30375e564416252847dcfc
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b869d28bed42c678d881d46cedd0793596a19877f31cb24ccf8feb1d5604c2b
7c0f42ef8bd048760af925d3e49a45f9d2c37493ad339388579b325aca098e8b
7c49e7ed12bb0f16ebb5801e3f43d5fd20bb69a5b94f61dea1efebe37f6b53be
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e562d1a87f2d91f6e06f6f1361d282f934370dab3e5984b9daf04b37d9253d4
81d07b57cafc6698a2e6fda943feae354a1fe745cfc074553e3f4aa097f74610
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848e123a2428512f3fad3be4d8a358fc01962f4913f35607db6513acfa04073a
853a5b7955e180299f3bb9c6716a7d77590898a6f363a80dd15a39bb9c0bbacb
86cf58fa31f5a67cf2cf73c1804d0d2b3c86c6c8a1461ff7caa0f989f0cf02c6
890d2445f0a2caf29cf055260df394568f3e6db3fa4b4c87481220420dccf8a2
89123b6cafaa1881ad98a6602abd22a285be12889815b7494c53bbce73f1cd42
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6fe34be8aedc6af3845f58ceb3771cf294ce86ee852cd787356a853b5963e4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
901c17727aad1ff7e38a0024de2517084acfe7c88c120af008d8364cc0eb7988
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
91e5a0a7c3792065844c3a20b2ca8cf782439b8cc526c9f99f785b679288768a
927658fe940c899225567ad7885c40a7871dee09c2b9f00d31f7ca62d1f424fc
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
950fd46d2bc2bcd090e764e0c17e43c2704caff2d3cb626d7f08eca854e7c19a
96cefd124a4c71ef95d53ab0f9484a7b96257e42077881e7bd6c7bd806252f39
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c5d085af0203422d443dce1c737ac861630fe6aada284508ca1db3558bde8f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bf8226d2ae09da4f68db26eaf731fab661bff16b1282d1f7c07bf460565fba6
9c72aa9048dc4cb5f976e7b1a5be738cdc5429f35291261fab0036d077afaa51
9d47b67180b8ba638f81b41f51e77b970860ca5a6a86055a392c77f0a3ac71dd
9e66ee7919e7d3433bfa7abc394f914a6daef71b0877468ed92c8c0b04d5902e
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
9fd8c589bbcde7671ad14542ed1081c4904102d62f401289eb190e9f0aa258f1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a205b7c9729e477a3e2f20c2f7b1380da03176c008161d1cf61862cfdca21979
a2e448fdefe983611c04c00698403d210ee20e53f388f4446f15300fd5fcea5e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a657bedd3bc0c106f7cfa5fe6556a0b7e175870d33bd7da9ef67ffcffbafda69
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a72a5cf4f07413230cea927558111132bf84b2b51b51df62cd182cc53fb4d61a
a935d6e6d77125e243d726875fc3e321f9df7f8b2a6a47b9555993e89a65ccf7
a99083f6af7e983130c6040b095527906ed69db5bb7ed29bd5476ec7612906cb
aabe761bfd19201c792834044c67006d85595e154f5d70dbbd4c203af7fd82c2
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acf59fc0c783f301c9c29c076ed1dffb35db7d8748b696074087ca30e2e672e8
ae12ea01455d3d812da0b713afbe3d129cfb9e890e2525fdadaa06208ec3bb05
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe9372ec3e19170c0cf096cc7dbb08dc0bdd348aaa90e70f4f49d43f3a65c31
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0766927d2923c80796929e1e59e9e343739974f9832ad977981adc2593d71bf
b0cc2a9df3dab3ff559d1a7e874b75d4bb70acc216c5cc6582be1acb2ac7be66
b17d52df8e06d73030e2a943fde2da8e84ef0dd36bcf478110974c66fd9190c3
b555044cd3774eae399de02e059d4629fc78fa3dc21e9e856d731d37a665deae
b58adfc8c469954318cf589569676e6affe4a2813307810803e4c361d0454427
b7d180b9d0b2c1d1dbba77463d37f9cf96b7a1bd8c5792baad131d2ecda3e58f
b7e836296db02afbb8a92958babed03e9bccfee2463ca07f5c365ed2f2acae0e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbae93786ebab7b10b32784ff6b4712650ff1c08141ae3986f02c9a2ffb8290b
bc7ff406111490426c0045d8e4f6d238421928cc51a4a3e9f679a100476a3466
bcf7f04d906c56a68263fc6bb670d2cd427a6bfeed6e7d7f39d09a7e85644496
bcf8f347aba80b770b545d65de5ce91176d286271173eb6792024531b607e4ea
bd2717d6c9540ef58d7a2551925e8756b072e2a2efe80e6813b7f0319f5f5df9
bf642ca9c8b984b1a730c8f26428a17f4688c1f153a0d054873abe8eff5e6041
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c11cb8a2559b0ede513d84f4c2436af3b10ba523fe5541351f036a95a4184d73
c172620e965eabb11eb6e4584f4309b1991624389c685990d2efdbfec691b739
c1c15ca7bbcfae21c26ce996b8669d92b4f5b0a12ba9713389ebd0eea4722a8f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c76dd3af34e60ee39478311c7a8091bc60e114b2b2f4542e4b9ad1888eed2a00
c7de2ed5db2db3f7a04eaf50074fd14c4b4c4403483feca0f43cf69a67fe513f
caba961cf71d7213df26fc8d5f11212204b5968f62698056ce768dada4656676
cd00fd2c963c4db9f70d4cc8bc3fa4749adf65dc300fe0fe37dfb0a120a1c609
cd45713beee6c2428f11ad6444c6e2a6bbe1bfad330e68002052e9832a5dcc03
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09f84c34ab4d374f53db08a7081622db98d8b6a287598d8a0fe577ff9277fc5
d0ece19f34d050ad12d9ae4268b8f6ae6603207e0189b9b72d38ce2c7b762795
d543bebac225aada07ce7e39ad3027d47d7d158a57867d826998e58c8591736e
d5a7cc696cc787ac4e83b82730b8a1a3bd961c29a2d13f52d224b8e3103d5b0e
d7fe52725ee90b6c03583a1f2bfb702392fe73adb6c86e7e4760ae7c74f2e662
d965d2bdfa49e5e8c3b14f0a35de81108e842a56fed012f2b19daa9ee1c581f2
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
ddc8e721a8d1bc70e6be80f2439d0df0f16d8d2a0021bb6c0467a46a2ff71d70
dfdf868102c3fd3d0d63cb7076e38e485389ea096873f44a0a6ce1ae82dec5dd
e11ff4994eb834c21f0fdc5d36cf8f570938db856c84e28febd1598b54b84cfc
e15cf316adeb182e84073739952937e2df39cab3d6c2620e60be991058ddec13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8ec7865f2d8dffcd47b65e40efda889633cc02962596a6bf3d1be6d19a6dd
e440c066b4889afc33b85d8b59cfcc865075b9ae039333a64047bd1174c0d034
e4b238270008352130b042f35d5c2cda566b4d6ce975704d6cea1eac5a9938ce
e5f14064da406702ee9acc77e93d9d2225efaa78579bfe5dbc3a6657c464de83
e74aad7eedeb94eab0fbb3d4435ff67c95dee259361fd21effd45bcd64424c24
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
eaa7186e271b3e79f4ef394bf270cab9884d5ca32c63915498217bbdea2347a9
ed9b3e509c73f42dd5803926eaaff99b3eb59e2815ace5970e6b2a106998d327
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05294fb373b8d309e0c0fcd947e6a1eb28aa51359dad9423ffa0fd28880dc1d
f07bf754fbb69653c3c8a65cac3b0205421acff8cd7902e169fca07ffd5c7517
f0961b5825191738445c0d25df8db12b5c2c21862e6002a422d8e8cf70a8538e
f180cac1d519ddf64ea6f43c0f00d7eef60fa90ee9ecd6664f2e0f0c5ae82e37
f1afabdbc9ffd54173ee5d42ffafe4026965be1c28143570c7d32e6cfa46cdd7
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f35d82c36940b3e266b727d736ade6f815e8ae991bf4cceae7f33c3cad0c837a
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f88d44454463290f5126b50e973b6c32b5e340e5d2717d8da0677e035a4d8924
fa95d7059d288444480c0a93416bab60c0263a5cf39762c564404749872e05d9
ff002f929ce2e6c925b18bdc1de8cdfb2894f77a1e48cf4fc318f0ddb7efe63c