urlscan.io logo urlscan.io
SecurityTrails logo

songsear.ch Open in urlscan Pro
52.36.180.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://songsear.ch/greatunknown
Effective URL: https://songsear.ch/greatunknown
Submission Tags: falconsandbox
Submission: On May 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 29 HTTP transactions. The main IP is 52.36.180.209, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is songsear.ch. The Cisco Umbrella rank of the primary domain is 521046.
TLS certificate: Issued by R3 on April 2nd 2022. Valid for: 3 months.
This is the only time songsear.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    52.36.180.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-180-209.us-west-2.compute.amazonaws.com
songsear.ch
1    2600:9000:2240:800:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.thisiswaldo.com
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2600:9000:2240:c200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
securepubads.g.doubleclick.net
2    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
1    13.56.202.53 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-202-53.us-west-1.compute.amazonaws.com
ipfind.co
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:225e:9c00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
1    2600:9000:223c:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    18.195.72.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-72-208.eu-central-1.compute.amazonaws.com
audit-tcfv2.quantcast.mgr.consensu.org
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:20::681a:8a9 (None, )

ASN- ()
script.4dex.io
Apex Domain
Subdomains		 Transfer
7 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2100
test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5533
audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9812
182 KB
6 songsear.ch
songsear.ch — Cisco Umbrella Rank: 521046
117 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
googleads.g.doubleclick.net — Cisco Umbrella Rank: 44
158 KB
2 4dex.io
script.4dex.io
24 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1563
89 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 95
169 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 918
345 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 987
10 KB
1 ipfind.co
ipfind.co — Cisco Umbrella Rank: 55555
465 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
39 KB
1 thisiswaldo.com
cdn.thisiswaldo.com — Cisco Umbrella Rank: 46693
115 KB
29 12
Domain Requested by
6 songsear.ch 1 redirects songsear.ch
5 quantcast.mgr.consensu.org cdn.thisiswaldo.com
quantcast.mgr.consensu.org
3 securepubads.g.doubleclick.net cdn.thisiswaldo.com
securepubads.g.doubleclick.net
2 script.4dex.io cdn.thisiswaldo.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 confiant-integrations.global.ssl.fastly.net cdn.thisiswaldo.com
confiant-integrations.global.ssl.fastly.net
2 pagead2.googlesyndication.com songsear.ch
pagead2.googlesyndication.com
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 rules.quantcount.com secure.quantserve.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 secure.quantserve.com quantcast.mgr.consensu.org
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 ipfind.co cdn.thisiswaldo.com
1 www.googletagmanager.com songsear.ch
1 cdn.thisiswaldo.com songsear.ch
29 15

This site contains no links.

Subject Issuer Validity Valid
songsear.ch
R3		 2022-04-02 -
2022-07-01		 3 months crt.sh
cdn.thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2022-05-04 -
2022-06-16		 a month crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-04-26 -
2022-07-25		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
ipfind.co
Amazon		 2022-01-03 -
2023-02-01		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://songsear.ch/greatunknown
Frame ID: D4E09356AEDD565857B3814D6BD0251D
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Frame ID: D99AE1F9AB8300B0602226E00402175C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page Not Found - Song Search

Page URL History Show full URLs

  1. http://songsear.ch/greatunknown HTTP 301
    https://songsear.ch/greatunknown Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

29
Requests

100 %
HTTPS

67 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

922 kB
Transfer

3184 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://songsear.ch/greatunknown HTTP 301
    https://songsear.ch/greatunknown Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request greatunknown
songsear.ch/
Redirect Chain
  • http://songsear.ch/greatunknown
  • https://songsear.ch/greatunknown
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
627019380b141ceec89cef05d8a4a03df70677048649a36d72e6e5c931341eb2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 22 May 2022 18:32:03 GMT
etag
W/"11be-codCUd6UmtRH9fs6iqdwpbmAbdI"
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
x-powered-by
Express
x-response-time
2.558ms

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Sun, 22 May 2022 18:32:03 GMT
Location
https://songsear.ch/greatunknown
Server
nginx/1.18.0 (Ubuntu)
11799.js
cdn.thisiswaldo.com/static/js/ 		391 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/static/js/11799.js
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:800:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2276d4fb89ced1d7f788efe95beaf863ecbcbaa88dddb803d53ffd14a0e5f1b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 21:49:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 07 May 2022 20:10:15 GMT
server
Apache/2.4.29 (Ubuntu)
age
74636
etag
"61c5f-5de7190318f6b-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
x-amz-cf-id
vP0aY8Q-ynWjtRi29CLYRrhhfQtHoEvIRdo7ZxzQrON4wPbNdG_gKg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef8078c7dd87a1ba61ac1ff5e210cab061bb75b6f5bff15b39d63eb438491efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56754
x-xss-protection
0
server
cafe
etag
9028634634451836569
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 22 May 2022 18:32:04 GMT
js
www.googletagmanager.com/gtag/ 		99 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-84503029-1
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
17e7623a5aa033696c06c51c3f3aab02ba231c9e8ea2adbc6d7d82144e803f86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39160
x-xss-protection
0
last-modified
Sun, 22 May 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 22 May 2022 18:32:04 GMT
main.4ba01b8d.chunk.css
songsear.ch/static/css/ 		121 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://songsear.ch/static/css/main.4ba01b8d.chunk.css
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6a7d57c001cdab199c007b871b4259816b09a3e59a550830fccab069ebe41312
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/greatunknown
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 May 2022 13:04:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62824bef-1e362"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
2.6e18ee9f.chunk.js
songsear.ch/static/js/ 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songsear.ch/static/js/2.6e18ee9f.chunk.js
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7bc0ad9b5405dc04782aaf740b1985ee1792c6579ce8b8b79d10751eaf1bd3cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/greatunknown
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 May 2022 13:04:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62824bef-32aeb"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.aae71949.chunk.js
songsear.ch/static/js/ 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songsear.ch/static/js/main.aae71949.chunk.js
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4dda98cd81c56e7a1b3aaed74f8d6db3ab9d385ca47cc4c2e85488a425ab0d92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/greatunknown
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 16 May 2022 13:04:47 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62824bef-17b7d"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/songsear.ch/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/songsear.ch/choice.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
835f597d1d032c2b53be5dac666a2382e71cfc8ca727b44f5649c5e482a895de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 22 May 2022 18:31:30 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 21:02:44 GMT
server
AmazonS3
age
34
etag
W/"4465250134d57ebb988e19f6c39abbbb"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
NMCSg2YoZ9iS0-A_UM43vSMgsncrlIVESn4jqXkXad93YYTR9D97Ww==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
0705dab872a51a49308ed9ae0a5d28168dff43ecf5a0ae474513e46b361afec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28728
x-xss-protection
0
server
sffe
etag
"1223 / 813 of 1000 / last-modified: 1653084304"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 22 May 2022 18:32:04 GMT
config.js
confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 		127 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb95bc4338eddb3624fd38be5ea0f08384ce9f77db255ec12d9ac9228179f2ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 18:32:04 GMT
Content-Encoding
gzip
Age
2129
X-Cache
HIT
Connection
keep-alive
Content-Length
26516
x-amz-id-2
eHAC+VLr+zuYyS/wYh7e0Kt40gi+9i2WcfwbYlewGrDFAOmDf0YAUNnckq8q8VgJ2cYaQjh4rdI=
X-Served-By
cache-hhn4070-HHN
Last-Modified
Sun, 22 May 2022 14:42:28 GMT
Server
AmazonS3
X-Timer
S1653244324.271070,VS0,VE0
ETag
"7d84e7a4529f63539bd4b7a891e5f499"
x-amz-request-id
ASMPM1RDKTTS8Q4Y
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
48
me
ipfind.co/ 		353 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.56.202.53 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-56-202-53.us-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
04a9ae5a4de5869bfe11e5623d025e69f4e7703e72ea8b12724c4d724407b268

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:04 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://songsear.ch
cache-control
no-cache, private
access-control-allow-credentials
true
content-length
246
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 		316 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8561605615946624&plah=songsear.ch&bust=31067699
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fde23919bb5843339dabdf8b9d14d0ccf664ee1c28779fd1b6f4c9c1daa30f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115452
x-xss-protection
0
server
cafe
etag
16695298089712142909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 22 May 2022 18:32:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame D99A 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://songsear.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
81220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 21 May 2022 19:58:24 GMT
etag
1428802124239944296
expires
Sat, 04 Jun 2022 19:58:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/songsear.ch/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:04 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sun, 29 May 2022 18:32:04 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/songsear.ch/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c681185172b31540ba25420b054eb68c41fc623b7396cf7002b0b561abfd6660

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:31:16 GMT
content-encoding
br
age
49
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 13 May 2022 16:53:55 GMT
server
AmazonS3
etag
W/"7ceb23d8e799a5d2e886219d1bea7d5d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
vErIaIABA_x1_yD8pMFQIdVxr8mngMG6WvcT7IAjYOaVaEE1J9JxoQ==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/ 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202205091138/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Sun, 22 May 2022 18:32:04 GMT
Content-Encoding
gzip
Age
114
X-Cache
HIT
Connection
keep-alive
Content-Length
63033
x-amz-id-2
58gElluOuCwWBtEVPun3TWl7MgVlsRQz3OjExuyxVhjXkvGx9p2tDF60myK5rwiwhAHpcvEhI4c=
X-Served-By
cache-hhn4070-HHN
Last-Modified
Mon, 09 May 2022 15:39:37 GMT
Server
AmazonS3
X-Timer
S1653244324.316058,VS0,VE0
ETag
"ecf02ff527b0ed563b40adaa835278b3"
x-amz-request-id
9NBZ3EYC95NKAX8V
Via
1.1 varnish
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
519
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9c00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6797e5bc424d587014449f9825e0e68f8bfb7d163bdd86903fc462560dec3b57

Request headers

Accept
application/json, text/plain, */*
Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 03:00:36 GMT
content-encoding
gzip
age
55889
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 19 May 2022 19:52:29 GMT
server
AmazonS3
etag
W/"50900028e353b5405beb46af660d5881"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
IX6ESpJaeLGXuWQu6Zw9OjFVEOp9d7q.
via
1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA60-P4
content-type
application/json
x-amz-cf-id
9MpOCtHtLpk1BWKAEX-A1rfPwjt7yTjqNDAyXhn6BDoA7ChfYrlpsA==
rules-p-fTfJtcPmQDwZG.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:20:41 GMT
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
server
AmazonS3
age
683
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P2
content-length
2
x-amz-cf-id
DNpzljv5sHKFQYjONpU2eVBaSSaQhKCPvR9BB2pMv1dbqI5sbIb56Q==
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/40/ 		228 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/40/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
350786f64e0b10bb61083f97962b7d0e490ccb41eabad5189059e17d4b3a6b03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sat, 21 May 2022 02:41:19 GMT
content-encoding
gzip
age
143446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 13 May 2022 16:53:22 GMT
server
AmazonS3
etag
W/"a69e17fb2f729417757e5fbbee7ccc37"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
xlPc07san1f1e2QlC5KXTH87whEs622Y8041HJma74V4sWKf8CIkXA==
vendor-list-trimmed-v1.json
quantcast.mgr.consensu.org/GVL-v2/ 		299 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1bcf790b245ec0ae0afa2d9f315ddb6c9fcdad6375ffbf845f62e81e5917698

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 03:00:37 GMT
content-encoding
gzip
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
55888
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sun, 22 May 2022 03:00:33 GMT
server
AmazonS3
etag
W/"43679cc66ef0e12198c31d0c2bc78c55"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
mwHILKxsizyzwR2ndSRwSRVCcok9Pw5eTgDzuwAdHJ9C20CeCZCkkA==
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		153 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fd0f40aca4dc75d39a51e9b554986541cd2f514b0c4df7198fc8ac61bfada1a

Request headers

Accept
application/json, text/plain, */*
Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 03:00:29 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
55896
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sun, 22 May 2022 03:00:26 GMT
server
AmazonS3
etag
W/"e357936593cc8ed65091e13f59db4400"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
cx9ZM26mveNSWhcVpP6m5F1YyDOinISkpd0tMVMQi3Xg3Jm8JwXXhg==
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22domain%22%3A%22songsear.ch%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.40%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22KkI%2FKU5jPenQbNeBBXEZcg%22%2C%22clientTimestamp%22%3A1653244324429%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-vv3m8ed7biu90neanguf%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/40/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.72.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-72-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 22 May 2022 18:32:04 GMT
content-length
2
content-type
text/plain; charset=utf-8
pubads_impl_2022051901.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js?cb=31067705
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
sffe /
Resource Hash
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 15:18:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127573
x-xss-protection
0
last-modified
Thu, 19 May 2022 08:36:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 22 May 2023 15:18:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		117 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=songsear.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
1811bef98d3e1ce4d58576fdd614594e6c529c08917be4345d97be184bd00bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 22 May 2022 18:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Sun, 22 May 2022 18:32:04 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84503029-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
776
date
Sun, 22 May 2022 18:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 22 May 2022 20:19:08 GMT
lazyload-thumbnail.png
songsear.ch/static/ 		799 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://songsear.ch/static/lazyload-thumbnail.png
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fba8d84aa96f3945d94dbca496dd96eb7fb09cb44a05d33bb838d28d1f38ba41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/greatunknown
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 May 2022 13:04:30 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"62824bde-31f"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
799
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=320074474&t=pageview&_s=1&dl=https%3A%2F%2Fsongsear.ch%2Fgreatunknown&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Song%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=919309813&gjid=1236581336&cid=913177672.1653244325&tid=UA-84503029-1&_gid=1368823766.1653244325&_r=1&gtm=2ou5b0&z=761666815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 22 May 2022 18:32:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://songsear.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1060045
content-type
application/javascript
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9d5wdTw0ggRMTcooydJg%2B5JJwzCI8PdY312FW9B4dp89UenrWP%2F7aDE0k0g%2F%2B%2B0032TXMAbIlL1ip9YxCKEpoB680HB3lMIIYDAhCTwT5vEqzzFXtPK%2BIUUS1KMiIlTki3qskc0D826igro"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176652152482
cache-control
public, max-age=1800
cf-ray
70f7a203f9a55c80-FRA
expires
Sun, 22 May 2022 19:02:09 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Sun, 22 May 2022 18:32:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1067426
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txca075f546c2d4a2c9192d-00627a37f8
x-amz-id-2
txca075f546c2d4a2c9192d-00627a37f8
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5o7KLYA3uEpTvj0U2%2BJzTHSIgG4zeg%2FDVYRzVcclVaEkCmSn95ueZ2HhVKzlGD%2BY%2BySOTkuPdWZlqOWlaXIkhuhTpCuwBSeDVJxTGQ0ww%2BieNDILMuL6LToGhcSUBFr2ZNAelgCH9Tf%2FmIGg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
70f7a2042bda9247-FRA
access-control-allow-headers
Authorization

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| adDomainCheck function| waldoIsInArray function| waldoInitScripts function| waldoSetTagsOnPage function| isElementInViewport function| isElementInViewportTest function| isElementInViewport2 function| waldoInitScroll function| waldoRefreshIfViewable function| waldoSlotRenderEnded function| waldoInitGPT function| waldoInitGPTSingleSlot function| waldoAddSelectMediaCookie function| fetchHeaderBids function| waldoTriggerHB function| waldoAddCloseBtn function| waldoPassbackCheck function| waldoAdxClickFraud function| waldoAdxClickFraudRefresh function| waldoClickFraudNetworkWide function| waldoDelayAdClicks function| waldoInitTags function| hbRefreshBid function| waldoApplyBidGeoRestrictions function| hbRandomMinMaxRefreshMulti function| hbRandomMinMaxRefresh function| hbRandomMinMaxRefreshOnView function| getRandomNumber function| waldoGeoBidsCheck function| waldoGetUserData function| waldoLoadSlot function| waldoCreateCookie function| waldoReadCookie function| waldoEmailDetected function| waldoRecordImpression function| waldoAddCCPAWidget function| waldoSetPbjsUSPString number| refEn string| updateDate number| tagsInitDone object| gptAdSlots string| adDomain object| waldoBreakpoints number| domainValid number| PREBID_TIMEOUT number| interstitialDone object| waldoTimeOuts object| waldoAdRefreshes object| waldoAdXRefreshes object| allAdUnits object| blockAdsOn number| adTagsInitFlag number| siteId number| bidDivAvailable object| waldoTagsStatus object| googletag object| pbjs number| switchUserSync number| waldoImpressionDone string| blockedPageAds number| waldoGDPR object| waldoCountry object| waldoContinent object| waldoDataPointsDone number| closeBtnAdded object| unlimitedRefGeos object| waldoBlockRequestGeos object| waldoNoRefreshGeos object| waldoRefreshOnScollGeos object| waldoGPTSlots object| waldoTagsOnPage object| waldoSlotIds object| waldoDefinedSlots object| waldoAdUnitsAddedToPbjs object| waldoAdRefreshesOnView number| waldoCCPAWidgetAdded undefined| oriRenderAd object| waldoVideoSlot number| cmpVersion number| cmpFailureTimeout string| webInterstitialAdId object| waldoScrollSticky number| adTagsInitFinished number| adxOrderId number| enVariableHeightFix number| delayAdClicks number| allowAdClicks object| delayAdClickTimers number| delayAdClickSecs boolean| loadedOnAction boolean| loadOnAction number| waldoScrollRefreshEnabled boolean| waldoBlockRequests boolean| waldoNoRefresh number| waldoDisableGeoRestrictions object| countriesToExclude number| browserWidth object| adUnits object| passbackAdUnits undefined| affiliateBanners number| waldoCheckIndividualImps string| waldoOriPathName object| waldo function| __tcfapi function| __uspapi object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet function| gtag object| dataLayer object| webpackJsonpsongsearch-client object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| _qevents object| confiant object| regeneratorRuntime function| __tcfapiui function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| google_sa_impl object| googleToken object| googleIMState object| google_tag_manager string| GoogleAnalyticsObject function| ga number| index object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
.songsear.ch/ Name: _ga
Value: GA1.2.913177672.1653244325
.songsear.ch/ Name: _gid
Value: GA1.2.1368823766.1653244325
.songsear.ch/ Name: _gat_gtag_UA_84503029_1
Value: 1
songsear.ch/ Name: waldo_country
Value: DE
songsear.ch/ Name: waldo_continent
Value: EU
songsear.ch/ Name: waldo_region
Value: 05

1 Console Messages

Source Level URL
Text
network error URL: https://songsear.ch/greatunknown
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audit-tcfv2.quantcast.mgr.consensu.org
cdn.thisiswaldo.com
confiant-integrations.global.ssl.fastly.net
googleads.g.doubleclick.net
ipfind.co
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rules.quantcount.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
songsear.ch
test.quantcast.mgr.consensu.org
www.google-analytics.com
www.googletagmanager.com
13.56.202.53
142.250.185.162
151.101.129.194
18.195.72.208
2600:9000:223c:b400:6:44e3:f8c0:93a1
2600:9000:2240:800:f:458e:2a80:93a1
2600:9000:2240:c200:9:46dc:4700:93a1
2600:9000:225e:9c00:3:a4cd:8380:93a1
2606:4700:20::681a:8a9
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:810::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2002
52.36.180.209
04a9ae5a4de5869bfe11e5623d025e69f4e7703e72ea8b12724c4d724407b268
0705dab872a51a49308ed9ae0a5d28168dff43ecf5a0ae474513e46b361afec2
17e7623a5aa033696c06c51c3f3aab02ba231c9e8ea2adbc6d7d82144e803f86
1811bef98d3e1ce4d58576fdd614594e6c529c08917be4345d97be184bd00bc0
1fd0f40aca4dc75d39a51e9b554986541cd2f514b0c4df7198fc8ac61bfada1a
2276d4fb89ced1d7f788efe95beaf863ecbcbaa88dddb803d53ffd14a0e5f1b8
350786f64e0b10bb61083f97962b7d0e490ccb41eabad5189059e17d4b3a6b03
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468718a583ec98edb242b85a424558fd63ceac3a8c1ff6a76bbf473b857481c4
4dda98cd81c56e7a1b3aaed74f8d6db3ab9d385ca47cc4c2e85488a425ab0d92
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
627019380b141ceec89cef05d8a4a03df70677048649a36d72e6e5c931341eb2
6797e5bc424d587014449f9825e0e68f8bfb7d163bdd86903fc462560dec3b57
6a7d57c001cdab199c007b871b4259816b09a3e59a550830fccab069ebe41312
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7bc0ad9b5405dc04782aaf740b1985ee1792c6579ce8b8b79d10751eaf1bd3cf
835f597d1d032c2b53be5dac666a2382e71cfc8ca727b44f5649c5e482a895de
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b1bcf790b245ec0ae0afa2d9f315ddb6c9fcdad6375ffbf845f62e81e5917698
b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
c681185172b31540ba25420b054eb68c41fc623b7396cf7002b0b561abfd6660
cb95bc4338eddb3624fd38be5ea0f08384ce9f77db255ec12d9ac9228179f2ca
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef8078c7dd87a1ba61ac1ff5e210cab061bb75b6f5bff15b39d63eb438491efd
fba8d84aa96f3945d94dbca496dd96eb7fb09cb44a05d33bb838d28d1f38ba41
fde23919bb5843339dabdf8b9d14d0ccf664ee1c28779fd1b6f4c9c1daa30f71