www.pluspremieres.ch Open in urlscan Pro
2606:4700:30::681f:5f35 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pluspremieres.ch/
Effective URL:
https://www.pluspremieres.ch/
Submission: On March 19 via automatic, source alexatop100k (March 19th 2019, 7:17:05 pm UTC)

Summary HTTP 226 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 49 IPs in 10 countries across 45 domains to perform 226 HTTP transactions. The main IP is 2606:4700:30::681f:5f35, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.pluspremieres.ch.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 16th 2019. Valid for: a year.

This is the only time www.pluspremieres.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 33	2606:4700:30:... 2606:4700:30::681f:5f35	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:818::2009	15169 (GOOGLE) (GOOGLE - Google LLC)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
8	199.192.25.127 199.192.25.127	22612 (NAMECHEAP...) (NAMECHEAP-NET - Namecheap)
3	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	108.161.188.138 108.161.188.138	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
8	151.101.120.193 151.101.120.193	54113 (FASTLY) (FASTLY - Fastly)
7	2a02:26f0:64:... 2a02:26f0:64:5a1::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	2a02:26f0:64:... 2a02:26f0:64:596::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a02:26f0:64:... 2a02:26f0:64:5a7::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
37	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a02:26f0:64:... 2a02:26f0:64:595::2a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	144.76.209.249 144.76.209.249	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a02:26f0:64:... 2a02:26f0:64:588::1aca	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	93.184.220.70 93.184.220.70	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2600:9000:20b... 2600:9000:20bb:5a00:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	185.33.223.204 185.33.223.204	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	151.139.241.23 151.139.241.23	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
3	145.239.193.145 145.239.193.145	16276 (OVH) (OVH)
3	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
3	143.204.214.103 143.204.214.103	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	143.204.208.51 143.204.208.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 3	185.86.137.32 185.86.137.32	201081 (SMARTADSE...) (SMARTADSERVER)
3	2a02:26f0:6c0... 2a02:26f0:6c00:28b::c01	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2406:2600:1::a 2406:2600:1::a	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
3	147.135.143.44 147.135.143.44	16276 (OVH) (OVH)
1	143.204.208.221 143.204.208.221	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4 4	54.36.123.231 54.36.123.231	16276 (OVH) (OVH)
3 3	185.33.223.80 185.33.223.80	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
5 5	46.105.114.118 46.105.114.118	16276 (OVH) (OVH)
6 6	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1 1	54.36.123.232 54.36.123.232	16276 (OVH) (OVH)
2 4	104.155.76.175 104.155.76.175	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	185.33.223.209 185.33.223.209	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 2	193.70.45.171 193.70.45.171	16276 (OVH) (OVH)
1 1	185.86.139.29 185.86.139.29	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	35.227.197.177 35.227.197.177	15169 (GOOGLE) (GOOGLE - Google LLC)
1	5.39.67.10 5.39.67.10	16276 (OVH) (OVH)
3	18.195.154.247 18.195.154.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.76.210.198 54.76.210.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2600:9000:200... 2600:9000:200d:d800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	52.214.69.9 52.214.69.9	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	54.247.163.36 54.247.163.36	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	143.204.214.121 143.204.214.121	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
226	49

33 2606:4700:30::681f:5f35 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

pluspremieres.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pluspremieres.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2009 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 199.192.25.127 (New York, United States)

ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US)

host.pluspremieres.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.161.188.138 (Los Angeles, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.120.193 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:64:5a1::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

is1-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:64:596::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

is3-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
is2-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:64:5a7::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

is5-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:819::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:64:595::2a1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

is4-ssl.mzstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.209.249 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: four.cbox.ws

www5.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:588::1aca (European Union)

ASN20940 (AKAMAI-ASN1, US)

www.apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.184.220.70 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20bb:5a00:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.204 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.139.241.23 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

ads.themoneytizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.239.193.145 (United Kingdom)

ASN16276 (OVH, FR)

g.tmyzer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.214.103 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-103.fra53.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.208.51 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-51.fra53.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.137.32 (France) 3 redirects

ASN201081 (SMARTADSERVER, FR)

ww1097.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:28b::c01 (European Union)

ASN20940 (AKAMAI-ASN1, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:1::a (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.135.143.44 (Waltham, United States)

ASN16276 (OVH, FR)

tag.leadplace.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.221 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-221.fra53.r.cloudfront.net

d2zur9cc2gf1tx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.123.231 (Woodbridge, United States) 4 redirects

ASN16276 (OVH, FR)
PTR: s03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.80 (European Union) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.105.114.118 (France) 5 redirects

ASN16276 (OVH, FR)
PTR: s11.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.4.25 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.123.232 (Woodbridge, United States) 1 redirects

ASN16276 (OVH, FR)
PTR: s04.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.155.76.175 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 175.76.155.104.bc.googleusercontent.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.209 (European Union) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.70.45.171 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: s02.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.29 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.197.177 (Ann Arbor, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 177.197.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.39.67.10 (France)

ASN16276 (OVH, FR)
PTR: s06.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.154.247 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-154-247.eu-central-1.compute.amazonaws.com

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.76.210.198 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-210-198.eu-west-1.compute.amazonaws.com

tmzr.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:200d:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.69.9 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-214-69-9.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.247.163.36 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-163-36.eu-west-1.compute.amazonaws.com

adtrack.adleadevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.214.121 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-121.fra53.r.cloudfront.net

cdn-prod.pubstack.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com 3.bp.blogspot.com 4.bp.blogspot.com	893 KB
33	pluspremieres.ch 1 redirects pluspremieres.ch www.pluspremieres.ch	375 KB
30	mzstatic.com is1-ssl.mzstatic.com is3-ssl.mzstatic.com is2-ssl.mzstatic.com is5-ssl.mzstatic.com is4-ssl.mzstatic.com	2 MB
18	themoneytizer.com ads.themoneytizer.com	354 KB
13	id5-sync.com 12 redirects id5-sync.com	13 KB
10	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	115 KB
8	imgur.com i.imgur.com	41 KB
8	pluspremieres.us host.pluspremieres.us	300 KB
6	pubstack.io tmzr.pubstack.io cdn-prod.pubstack.io	52 KB
6	adform.net 6 redirects c1.adform.net	2 KB
6	adnxs.com 5 redirects ib.adnxs.com secure.adnxs.com	6 KB
6	googleapis.com fonts.googleapis.com ajax.googleapis.com	90 KB
5	yandex.ru 1 redirects mc.yandex.ru	88 KB
4	creative-serving.com 2 redirects ads.creative-serving.com	2 KB
4	smartadserver.com 4 redirects ww1097.smartadserver.com rtb-csync.smartadserver.com	2 KB
4	criteo.com bidder.criteo.com gum.criteo.com	1 KB
4	twimg.com cdn.syndication.twimg.com pbs.twimg.com	25 KB
4	gstatic.com fonts.gstatic.com	54 KB
4	blogger.com www.blogger.com	62 KB
3	adleadevent.com adtrack.adleadevent.com	2 KB
3	quantcount.com rules.quantcount.com	3 KB
3	quantserve.com secure.quantserve.com	17 KB
3	leadplace.fr tag.leadplace.fr	9 KB
3	sascdn.com ced-ns.sascdn.com	24 KB
3	cloudfront.net d2zur9cc2gf1tx.cloudfront.net	76 KB
3	cpx.to p.cpx.to	6 KB
3	contextweb.com tag.contextweb.com	34 KB
3	tmyzer.com g.tmyzer.com	591 B
3	vntsm.com hb.vntsm.com	204 KB
2	venatusmedia.com track.venatusmedia.com	377 B
2	tapad.com 2 redirects pixel.tapad.com	766 B
2	facebook.com www.facebook.com staticxx.facebook.com
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	facebook.net connect.facebook.net	196 KB
2	google.com 1 redirects apis.google.com www.google.com	17 KB
1	criteo.net static.criteo.net	13 KB
1	sonobi.com apex.go.sonobi.com	1 KB
1	consensu.org vendorlist.consensu.org	14 KB
1	apple.com www.apple.com	2 KB
1	cbox.ws www5.cbox.ws Failed
1	google.de www.google.de	109 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	159 B
1	blogblog.com resources.blogblog.com	614 B
1	googletagmanager.com www.googletagmanager.com	24 KB
1	jquery.com code.jquery.com	33 KB
226	45

	Domain	Requested by
32	www.pluspremieres.ch	www.pluspremieres.ch code.jquery.com
19	1.bp.blogspot.com	www.pluspremieres.ch
18	ads.themoneytizer.com	hb.vntsm.com ads.themoneytizer.com
13	id5-sync.com	12 redirects www.pluspremieres.ch
9	2.bp.blogspot.com	www.pluspremieres.ch
8	platform.twitter.com	www.pluspremieres.ch platform.twitter.com
8	is2-ssl.mzstatic.com	www.pluspremieres.ch
8	i.imgur.com	www.pluspremieres.ch
8	host.pluspremieres.us	www.pluspremieres.ch code.jquery.com www.google-analytics.com platform.twitter.com
7	is3-ssl.mzstatic.com	www.pluspremieres.ch
7	is1-ssl.mzstatic.com	www.pluspremieres.ch
6	c1.adform.net	6 redirects
6	3.bp.blogspot.com	www.pluspremieres.ch
6	is5-ssl.mzstatic.com	www.pluspremieres.ch
5	secure.adnxs.com	5 redirects
5	mc.yandex.ru	1 redirects hb.vntsm.com www.pluspremieres.ch
4	ads.creative-serving.com	2 redirects www.pluspremieres.ch
4	fonts.gstatic.com	www.pluspremieres.ch code.jquery.com
4	www.blogger.com	www.pluspremieres.ch
3	cdn-prod.pubstack.io	tmzr.pubstack.io
3	adtrack.adleadevent.com	ajax.googleapis.com
3	rules.quantcount.com	secure.quantserve.com
3	ajax.googleapis.com	ads.themoneytizer.com
3	tmzr.pubstack.io	ads.themoneytizer.com
3	secure.quantserve.com	ads.themoneytizer.com
3	tag.leadplace.fr	ads.themoneytizer.com
3	gum.criteo.com	ads.themoneytizer.com
3	ced-ns.sascdn.com	www.pluspremieres.ch
3	ww1097.smartadserver.com	3 redirects
3	d2zur9cc2gf1tx.cloudfront.net	ads.themoneytizer.com
3	p.cpx.to	ads.themoneytizer.com
3	tag.contextweb.com	ads.themoneytizer.com
3	g.tmyzer.com	ads.themoneytizer.com
3	pbs.twimg.com	www.pluspremieres.ch
3	4.bp.blogspot.com	www.pluspremieres.ch
3	hb.vntsm.com	www.pluspremieres.ch hb.vntsm.com
3	fonts.googleapis.com	www.pluspremieres.ch
2	track.venatusmedia.com	hb.vntsm.com
2	pixel.tapad.com	2 redirects
2	syndication.twitter.com	1 redirects www.pluspremieres.ch
2	is4-ssl.mzstatic.com	www.pluspremieres.ch
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.pluspremieres.ch connect.facebook.net
1	static.criteo.net	hb.vntsm.com
1	rtb-csync.smartadserver.com	1 redirects
1	bidder.criteo.com	hb.vntsm.com
1	ib.adnxs.com	hb.vntsm.com
1	apex.go.sonobi.com	hb.vntsm.com
1	vendorlist.consensu.org	hb.vntsm.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	www.apple.com	code.jquery.com
1	staticxx.facebook.com	connect.facebook.net
1	www.facebook.com	www.pluspremieres.ch
1	www5.cbox.ws	www.pluspremieres.ch
1	www.google.de	www.pluspremieres.ch
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	apis.google.com	www.pluspremieres.ch
1	resources.blogblog.com	www.pluspremieres.ch
1	www.googletagmanager.com	www.pluspremieres.ch
1	code.jquery.com	www.pluspremieres.ch
1	pluspremieres.ch	1 redirects
226	62

This site contains links to these domains. Also see Links.

Domain
chat.pluspremieres.nz
www.blogger.com
twitter.com
www.facebook.com
www.instagram.com
www5.cbox.ws
www.pluspremieres.fr
search.pluspremieres.co.uk
www.foodwishes.me
policies.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-03-16` - `2020-03-16`	a year	crt.sh
*.blogger.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.pluspremieres.us COMODO RSA Domain Validation Secure Server CA	`2018-05-08` - `2019-05-08`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-13` - `2021-04-08`	2 years	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2018-12-14` - `2020-02-12`	a year	crt.sh
itunes.apple.com DigiCert SHA2 Extended Validation Server CA	`2019-03-15` - `2020-03-15`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.apis.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-01-21` - `2019-04-21`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year	crt.sh
*.googleusercontent.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
cbox.ws Let's Encrypt Authority X3	`2019-01-21` - `2019-04-21`	3 months	crt.sh
www.apple.com DigiCert SHA2 Extended Validation Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.criteo.com DigiCert SHA2 Secure Server CA	`2018-11-05` - `2020-01-03`	a year	crt.sh
*.themoneytizer.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-15` - `2021-02-14`	2 years	crt.sh
g.tmyzer.com Let's Encrypt Authority X3	`2019-01-27` - `2019-04-27`	3 months	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
p.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2020-06-10`	a year	crt.sh
*.leadplace.fr Gandi Standard SSL CA 2	`2018-09-06` - `2020-09-12`	2 years	crt.sh
*.creative-serving.com COMODO RSA Domain Validation Secure Server CA	`2018-03-14` - `2019-04-03`	a year	crt.sh
*.id5-sync.com Go Daddy Secure Certificate Authority - G2	`2017-04-02` - `2020-04-02`	3 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2018-10-16` - `2019-10-21`	a year	crt.sh
*.pubstack.io Amazon	`2019-01-03` - `2020-02-03`	a year	crt.sh
*.venatusmedia.com Amazon	`2019-02-15` - `2020-03-15`	a year	crt.sh
adtrack.adleadevent.com Amazon	`2018-07-28` - `2019-08-28`	a year	crt.sh
*.criteo.net DigiCert SHA2 Secure Server CA	`2018-11-08` - `2019-12-19`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.pluspremieres.ch/
Frame ID: 79793F7C324632AEA6814969E04A9DF6
Requests: 155 HTTP requests in this frame

Frame: https://www5.cbox.ws/box/?boxid=518294&boxtag=m3ww8d
Frame ID: C49E3358CB824FF3F6EE3F03E92EEC24
Requests: 1 HTTP requests in this frame

Frame: https://www5.cbox.ws/box/?boxid=518294&boxtag=m3ww8d
Frame ID: F30F0CB11FB4F8896931EAF7DDAACBA6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.fd774b599f565016d763dd860cb31c79.en.html
Frame ID: 0E980D17145BC602D0253F893544ADD4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/PlusPremieres&show_faces=false&layout=button_count
Frame ID: 4AD52CF5EDC295DB9484F51B2CB3623C
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 9A206C08445E2A97EE3C45DCE933A32D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.pluspremieres.ch&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: BA4760A690B188CC1F76BFEC9AF1598D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Frame ID: 50FD9C2DE9470F8E470B82ECD156DCAA
Requests: 7 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: A5B276F855029FDFC5519D36B51BC070
Requests: 1 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=1
Frame ID: 8FD13469648EA5137754BE128B9DC7DA
Requests: 20 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=1
Frame ID: 5C492FA7D7FF115A1A8BFA59BCBDE06F
Requests: 20 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/s/gen.js?type=1
Frame ID: 48FBBDEEB7A47D6EEF9BA6F4757BB5CC
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://pluspremieres.ch/ HTTP 301
https://www.pluspremieres.ch/ Page URL

Detected technologies

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /pbjs/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^criteo/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^webpackJsonp$/i

Page Statistics

226
Requests

100 %
HTTPS

42 %
IPv6

45
Domains

62
Subdomains

49
IPs

10
Countries

5288 kB
Transfer

9097 kB
Size

1
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://chat.pluspremieres.nz/
Title: Chat

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML3&action=editWidget&sectionId=carousel
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/PlusPremieresX
Title: Twitter ➝

Search URL Search Domain Scan URL

URL: https://www.facebook.com/PlusPremieres

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pluspremieres.nz/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML6&action=editWidget&sectionId=headline
Title:

Search URL Search Domain Scan URL

URL: https://www5.cbox.ws/box/?boxid=518294&boxtag=m3ww8d
Title: Popout

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML7&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML15&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML4&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=PopularPosts&widgetId=PopularPosts1&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=PopularPosts&widgetId=PopularPosts2&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=PopularPosts&widgetId=PopularPosts3&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML5&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML10&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=7153054935638188411&widgetType=HTML&widgetId=HTML11&action=editWidget&sectionId=sidebar-right-1
Title:

Search URL Search Domain Scan URL

URL: http://www.pluspremieres.fr/
Title: French Premieres

Search URL Search Domain Scan URL

URL: http://search.pluspremieres.co.uk/
Title: iTunes Plus Search

Search URL Search Domain Scan URL

URL: https://www.foodwishes.me/
Title: Food Wishes

Search URL Search Domain Scan URL

URL: https://www.pluspremieres.fr/

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/cookies
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pluspremieres.ch/ HTTP 301
https://www.pluspremieres.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=2014933441&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pluspremieres.ch%2F&ul=en-us&de=UTF-8&dt=Plus%20Premieres%20%7C%20New%20music%20every%20Thursday%20%E2%80%A2%2010AM%20%E2%80%93%20Midnight%20EST&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1855353240&gjid=303338761&cid=1225878782.1553023006&tid=UA-48007615-1&_gid=1344836576.1553023006&_r=1&gtm=2ou3b2&z=29388285 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48007615-1&cid=1225878782.1553023006&jid=1855353240&_gid=1344836576.1553023006&gjid=303338761&_v=j73&z=29388285 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48007615-1&cid=1225878782.1553023006&jid=1855353240&_v=j73&z=29388285 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48007615-1&cid=1225878782.1553023006&jid=1855353240&_v=j73&z=29388285&slf_rd=1&random=2644174431

Request Chain 123

https://mc.yandex.ru/watch/52686883?wmode=7&page-url=https%3A%2F%2Fwww.pluspremieres.ch%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553023003840%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190319191647%3Aet%3A1553023008%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A786745898%3Ahid%3A68218608%3Ads%3A0%2C0%2C179%2C126%2C114%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1069%3Agdpr%3A14%3Av%3A1500%3Awv%3A2%3Ast%3A1553023008%3Au%3A1553023008152183709%3At%3APlus%20Premieres%20%7C%20New%20music%20every%20Thursday%20%E2%80%A2%2010AM%20%E2%80%93%20Midnight%20EST HTTP 302
https://mc.yandex.ru/watch/52686883/1?wmode=7&page-url=https%3A%2F%2Fwww.pluspremieres.ch%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553023003840%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190319191647%3Aet%3A1553023008%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A786745898%3Ahid%3A68218608%3Ads%3A0%2C0%2C179%2C126%2C114%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1069%3Agdpr%3A14%3Av%3A1500%3Awv%3A2%3Ast%3A1553023008%3Au%3A1553023008152183709%3At%3APlus%20Premieres%20%7C%20New%20music%20every%20Thursday%20%E2%80%A2%2010AM%20%E2%80%93%20Midnight%20EST

Request Chain 161

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 177

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 186

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 195

https://ww1097.smartadserver.com/config.js?nwid=1097 HTTP 302
https://ced-ns.sascdn.com/diff/js/smart.js

Request Chain 199

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://id5-sync.com/c/12/0/9/1.gif HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=64976051806397936 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
https://id5-sync.com/c/12/10/7/3.gif?puid=5222556655387492395 HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D

Request Chain 201

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=8232833255173715534 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
https://id5-sync.com/c/12/10/7/3.gif?puid=5222556655387492395 HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D HTTP 302
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D HTTP 302
https://id5-sync.com/c/12/101/6/4.gif?puid=11a1a6ec-c3ae-4f71-acc4-87b149df3737 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-SWe6fm2OrWxHTRJWlTF080cnTj01BBMa1PHQn0gCBg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_USER_ID HTTP 302
https://id5-sync.com/c/12/102/5/5.gif?puid=590366358645769741 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://id5-sync.com/c/12/108/4/6.gif?puid=8fa6b1d2-4a7b-11e9-b596-0a580a4c042b

Request Chain 203

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= HTTP 302
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID HTTP 302
https://id5-sync.com/c/12/2/8/2.gif?puid=8232833255173715534 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D HTTP 302
https://id5-sync.com/c/12/10/7/3.gif?puid=6584421482604571883 HTTP 302
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D

226 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pluspremieres.ch/
Redirect Chain

https://pluspremieres.ch/
https://www.pluspremieres.ch/

229 KB
44 KB

201ms
179ms

Document
text/html

2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

87fed00c9704c16935288172fc45ce7933df3090a8b98006978950eb0e078939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.pluspremieres.ch
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
cookie: __cfduid=d2720fa0f88afa2eccc9107584e333f841553023003
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 19 Mar 2019 19:16:44 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 19 Mar 2019 19:16:44 GMT
cache-control: private, max-age=0
last-modified: Tue, 19 Mar 2019 19:08:56 GMT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ba1c84ed8c46505-FRA
content-encoding: br

Redirect headers

status: 301
date: Tue, 19 Mar 2019 19:16:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2720fa0f88afa2eccc9107584e333f841553023003; expires=Wed, 18-Mar-20 19:16:43 GMT; path=/; domain=.pluspremieres.ch; HttpOnly
location: https://www.pluspremieres.ch/
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4ba1c84e48216505-FRA

GET
H2 200 2985278703-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
8 KB 48ms
6ms Stylesheet
text/css 2a00:1450:4001:818::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2985278703-css_bundle_v2.css

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

814ed3598b0b3cc66c62ee854d3a6651d1202299a4a18b09b3a58356f832a0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Mar 2019 14:21:52 GMT
server: sffe
age: 921029
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 7993
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 03:26:15 GMT

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
code.jquery.com/ 94 KB
33 KB 74ms
20ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.3.min.js
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Apr 2015 16:20:58 GMT
Server: nginx
ETag: W/"553fb36a-176d5"
Vary: Accept-Encoding
X-HW: 1553023004.dop005.pa1.shc,1553023004.dop005.pa1.t,1553023004.cds029.pa1.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33261

GET
H/1.1 200
OK jssor.slider-25.2.1.min.js Show response
host.pluspremieres.us/files/ 48 KB
48 KB 722ms
183ms Script
application/javascript 199.192.25.127
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://host.pluspremieres.us/files/jssor.slider-25.2.1.min.js
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.192.25.127 New York, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: e148e9cbbd9ddc0157f58078b776400881afdda74c05e5b75815c260f38af28b

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:44 GMT
Last-Modified: Mon, 14 May 2018 23:02:27 GMT
Server: Apache
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 49153

GET
H2 200 css
fonts.googleapis.com/ 3 KB
528 B 20ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700,900

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

45ac199b2a6a10c7f4eb6d7d2ea87ca0239ac8a7a9e2cbb8c72031dd93f1fbdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 19 Mar 2019 19:16:44 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 19 Mar 2019 19:16:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2019 19:16:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
553 B 21ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 19 Mar 2019 19:16:44 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 19 Mar 2019 19:16:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2019 19:16:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
563 B 27ms
24ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

19cda205f1d4e140aabeda5f0a6c395ba0b8bd0ab63771b5f2002176bee7022a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 19 Mar 2019 19:16:44 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 19 Mar 2019 19:16:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2019 19:16:44 GMT

GET
H/1.1 200
OK 360player.css
host.pluspremieres.us/files/ 7 KB
7 KB 716ms
181ms Stylesheet
text/css 199.192.25.127
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://host.pluspremieres.us/files/360player.css
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.192.25.127 New York, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: fcdcd258a0e3a1095a4c5edfd147c63f707762e5718adee7e1453d51d031375a

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:44 GMT
Last-Modified: Fri, 30 Nov 2018 08:07:48 GMT
Server: Apache
Content-Type: text/css
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 7015

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 63 KB
24 KB 17ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48007615-1

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

cdf4dea20ba12b371d0e4decc6bb3a8beb3f67dbadec461e7e1b90662609240b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
content-encoding: br
last-modified: Tue, 19 Mar 2019 17:22:31 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 24356
x-xss-protection: 1; mode=block
expires: Tue, 19 Mar 2019 19:16:44 GMT

GET
H2 200 ad-manager.min.js Show response
hb.vntsm.com/v3/live/ 526 KB
164 KB 12ms
12ms Script
application/javascript 108.161.188.138
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.138 Los Angeles, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e59bb1c1a8eaa68f2848a1fbddd7c69f2c19ee03889f900c77eefdc69bd443dd

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
content-encoding: gzip
venatus-cdn-hb-rule-version: 1.1
x-cache: HIT
status: 200
x-ip: 83.97.23.52
last-modified: Tue, 19 Mar 2019 16:18:35 GMT
server: NetDNA-cache/2.2
etag: W/"a96bf874236b8a09654ba1cd3ee74e43"
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-expose-headers: X-Geo, Content-Type
cache-control: max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: X-Geo, Content-Type
x-geo: DE

GET
H2 200 vxEo9V2.png
i.imgur.com/ 11 KB
11 KB 101ms
26ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/vxEo9V2.png
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 514edd92ff8426e567cabf923efbf566359c85646fd82c1a30138658a34d485f

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
age: 15220458
x-cache: HIT, HIT
status: 200
content-length: 11143
x-served-by: cache-iad2139-IAD, cache-cdg20778-CDG
last-modified: Fri, 04 Aug 2017 08:25:04 GMT
server: cat factory 1.0
x-timer: S1553023004.364411,VS0,VE1
etag: "9c0ee7a2914a1d8131ffbfd2c708336e"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 1360x520fa.jpg
is1-ssl.mzstatic.com/image/thumb/comp/Features123/v4/8c/20/4e/8c204e5c-c922-e09b-6181-acd4c02e9075/pr_source.png/ 198 KB
199 KB 72ms
7ms Image
image/jpeg 2a02:26f0:64:5a1::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is1-ssl.mzstatic.com/image/thumb/comp/Features123/v4/8c/20/4e/8c204e5c-c922-e09b-6181-acd4c02e9075/pr_source.png/1360x520fa.jpg?dt=dt-1547663946300-14585&fbl=en-US&cte=cte-1504292368040-10000&dk=dk-109691473-2073332709&l=en-US

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:5a1::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

70bce9889ec87a65a95a2d7a724fc26fd50101326320956fc357ef727ec89467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: IYOIH7HB5H5DPPR7CSYI4BHX
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C32
status: 200
date: Tue, 19 Mar 2019 19:16:44 GMT
last-modified: Fri, 08 Mar 2019 05:01:20 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 203000
cache-control: no-transform, max-age=14692190
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"7Yyr0nWHYf2Ppj+xbJh5XQ==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 461c83fc-e1e9-fa37-be3f-14b08e04f7

GET
H2 200 1360x520fa.jpg
is3-ssl.mzstatic.com/image/thumb/comp/Features124/v4/44/b9/ec/44b9ec35-57d2-eea4-e0ba-98438612c5db/mza_2909005320830228152.png/ 433 KB
435 KB 63ms
8ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is3-ssl.mzstatic.com/image/thumb/comp/Features124/v4/44/b9/ec/44b9ec35-57d2-eea4-e0ba-98438612c5db/mza_2909005320830228152.png/1360x520fa.jpg?dt=dt-1540510676194-11304&fbl=en-US&cte=cte-1504292368040-10000&dk=dk-1801909984-2078872670&l=en-US
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 90964c12f526c417ddef74a4c17d48bc712492a9a9e856c2f7a52d518a053376

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: XU7ZN3HHBIHDGFCQZHOURAR4AA
date: Tue, 19 Mar 2019 19:16:44 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"du9H9WpJ4yiKGIDle0RKfA==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: bd3f96ec-e70a-0e33-1450-c9dd48823c00
last-modified: Fri, 15 Mar 2019 04:17:23 GMT
content-length: 443814
cache-control: no-transform, max-age=15596364

GET
H2 200 1360x520fa.jpg
is2-ssl.mzstatic.com/image/thumb/comp/Features123/v4/87/1f/23/871f239a-995c-598a-69ec-6f750f709c6b/mza_857526831644603488.png/ 222 KB
223 KB 44ms
7ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is2-ssl.mzstatic.com/image/thumb/comp/Features123/v4/87/1f/23/871f239a-995c-598a-69ec-6f750f709c6b/mza_857526831644603488.png/1360x520fa.jpg?dt=dt-1474406596286-11292&fbl=en-US&cte=cte-1504292368040-10000&dk=dk-544264169-2077963273&l=en-US
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b91788a0c72d3a52027909f2e1df0564ebd582a62dbdec211fe7cc5c491a14ae

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 645GZCTLE5DRWCWTZEKKVZVSAQ
date: Tue, 19 Mar 2019 19:16:44 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"p6it4seXr/KZ1PPpdkwZTQ==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: f73a6c8a-6b27-471b-0ad3-c914aae6b204
last-modified: Fri, 15 Mar 2019 05:12:55 GMT
content-length: 227139
cache-control: no-transform, max-age=16605015

GET
H2 200 1360x520fa.jpg
is2-ssl.mzstatic.com/image/thumb/comp/Features113/v4/44/25/1a/44251a0d-22e0-d299-85c6-30af8a6479b3/mza_5241629079670502079.png/ 208 KB
209 KB 8ms
8ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is2-ssl.mzstatic.com/image/thumb/comp/Features113/v4/44/25/1a/44251a0d-22e0-d299-85c6-30af8a6479b3/mza_5241629079670502079.png/1360x520fa.jpg?dt=dt-1473180439090-11260&fbl=en-US&cte=cte-1504292368040-10000&dk=dk-631182446-2077963277&l=en-US
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 46894e6d4d290d4f3ed0b4a7162a9778f14d38ca7997057dc66e2a86239cefb9

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: HHAIBZJKBRHYWNRG6D27RUCQFY
date: Tue, 19 Mar 2019 19:16:44 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"D01xXjV1DblL0ciT/brStA==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 39c080e5-2a0c-4f8b-3626-f0f5f8d0502e
last-modified: Fri, 15 Mar 2019 05:12:54 GMT
content-length: 212997
cache-control: no-transform, max-age=13798390

GET
H2 200 1360x520fa.jpg
is1-ssl.mzstatic.com/image/thumb/comp/Features113/v4/3b/62/59/3b6259fd-7a18-0382-aa1d-ec77bfa7e9dd/mza_1808145641081088041.png/ 265 KB
266 KB 10ms
9ms Image
image/jpeg 2a02:26f0:64:5a1::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is1-ssl.mzstatic.com/image/thumb/comp/Features113/v4/3b/62/59/3b6259fd-7a18-0382-aa1d-ec77bfa7e9dd/mza_1808145641081088041.png/1360x520fa.jpg?dt=dt-1473180439090-11260&fbl=en-US&cte=cte-1504292368040-10000&dk=dk-607941916-2077963271&l=en-US
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a1::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 7a79cd1f9ff235a25fa18640da8e56f45715e265ac8415f23b89653ff6f3bcb1

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 4JBBBKOCTB4BYLCOW2J5GSPOQQ
date: Tue, 19 Mar 2019 19:16:44 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"dtR97DRmdBwZ0nIN3egWjQ==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: e24210a9-c298-781c-2c4e-b693d349ee84
last-modified: Fri, 15 Mar 2019 05:12:54 GMT
content-length: 271675
cache-control: no-transform, max-age=14844861

GET
H2 200 1360x520fa.jpg
is1-ssl.mzstatic.com/image/thumb/comp/Features123/v4/00/88/a5/0088a586-f311-2f23-15f8-a6e7e80015f7/pr_source.png/ 92 KB
92 KB 9ms
8ms Image
image/jpeg 2a02:26f0:64:5a1::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is1-ssl.mzstatic.com/image/thumb/comp/Features123/v4/00/88/a5/0088a586-f311-2f23-15f8-a6e7e80015f7/pr_source.png/1360x520fa.jpg?dt=dt-1517603108089-11528&fbl=en-US&cte=cte-1504292368040-10000&dk=dk-1663808877-2078964598&l=en-US
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a1::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: eb7d23495a360a0fbbb45c436eb0219fffec389a900e6320ffa40fb1908af591

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: R45RNJQ6IIAY5LA2HBSI7DDP5A
date: Tue, 19 Mar 2019 19:16:44 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"sQBJkUPnPFjpU2A3KVHPCg==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 8f3b16a6-1e42-018e-ac1a-38648f8c6fe8
last-modified: Fri, 15 Mar 2019 04:39:30 GMT
content-length: 93746
cache-control: no-transform, max-age=15995202

GET
H2 200 1360x520fa.jpg
is5-ssl.mzstatic.com/image/thumb/comp/Features123/v4/b8/3c/61/b83c61bc-2868-d9ca-5755-89964fec3b96/pr_source.png/ 314 KB
315 KB 66ms
8ms Image
image/jpeg 2a02:26f0:64:5a7::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is5-ssl.mzstatic.com/image/thumb/comp/Features123/v4/b8/3c/61/b83c61bc-2868-d9ca-5755-89964fec3b96/pr_source.png/1360x520fa.jpg?dt=dt-1517603108089-11528&fbl=en-US&cte=cte-1504292368040-10000&dk=dk-939037214-2080791658&l=en-US
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a7::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: f0bf583bc1eee6c18b37dc0fccf185f595af80ec6db1be2dc1efc840e0e259d6

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: PZNAMJJZXUFBCTP2DU6HHDCJCY
date: Tue, 19 Mar 2019 19:16:44 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"jcJEx43Hns5hjdd38/bIVA==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 7e5a0625-39bd-0a11-4dfa-1d3c738c4916
last-modified: Fri, 15 Mar 2019 04:17:41 GMT
content-length: 321826
cache-control: no-transform, max-age=14690749

GET
H2 200 Iwu0FM4.png
i.imgur.com/ 3 KB
3 KB 23ms
23ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/Iwu0FM4.png
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 24be48987f5c810cc4da83edd006ff0babcdaf775fdd025affa78665184be2ed

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
age: 26467712
x-cache: HIT, HIT
status: 200
content-length: 2967
x-served-by: cache-iad2150-IAD, cache-cdg20778-CDG
last-modified: Wed, 18 Feb 2015 01:18:16 GMT
server: cat factory 1.0
x-timer: S1553023005.791693,VS0,VE1
etag: "51f23bb796e1dd8f47dc1f2c5e89ff89"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 nQbTo3H.png
i.imgur.com/ 3 KB
3 KB 26ms
26ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/nQbTo3H.png
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 546e033d0713f9bd6914588d5a397cee6fda41e2a4e3696734c4c50395f21535

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
age: 1677727
x-cache: HIT, HIT
status: 200
content-length: 2963
x-served-by: cache-bwi5140-BWI, cache-cdg20778-CDG
last-modified: Wed, 18 Feb 2015 01:18:19 GMT
server: cat factory 1.0
x-timer: S1553023005.817783,VS0,VE1
etag: "57f797aed9eeb24e6c9b70edd0a2dfe4"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
614 B 28ms
5ms Image
image/png 2a00:1450:4001:818::2009
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 16 Mar 2019 03:53:50 GMT
x-content-type-options: nosniff
last-modified: Fri, 15 Mar 2019 08:17:17 GMT
server: sffe
age: 314574
content-type: image/png
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 475
x-xss-protection: 1; mode=block
expires: Sat, 23 Mar 2019 03:53:50 GMT

GET
H2 200 wwxlNM6.png
i.imgur.com/ 2 KB
2 KB 23ms
23ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/wwxlNM6.png
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: a23aea465cadef5f04d7982020be48dbfbfe6651df86543ff9465ca6ecfe84c2

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
age: 19991637
x-cache: HIT, HIT
status: 200
content-length: 1595
x-served-by: cache-iad2143-IAD, cache-cdg20778-CDG
last-modified: Sun, 06 May 2018 09:08:45 GMT
server: cat factory 1.0
x-timer: S1553023005.872533,VS0,VE1
etag: "474f698019df982eabccacbbd4119d35"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 42, 1

GET
H2 200 4iRUwOX.png
i.imgur.com/ 1 KB
1 KB 25ms
23ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/4iRUwOX.png
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 91c77f90045e1bc81c2df95782901488eb739da5760dcf0344fb8707826a864a

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
age: 2368214
x-cache: HIT, HIT
status: 200
content-length: 1061
x-served-by: cache-bwi5139-BWI, cache-cdg20778-CDG
last-modified: Wed, 13 Dec 2017 09:29:52 GMT
server: cat factory 1.0
x-timer: S1553023005.901752,VS0,VE1
etag: "94d7d04f9e08dde6cbaded8c0de07af8"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 XJBKja7.png
i.imgur.com/ 2 KB
2 KB 25ms
24ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/XJBKja7.png
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 26ce6b52e4a425a2678d33452eec0c7c9fc2806f5eccd0726e66c25b83490eb6

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
age: 27424467
x-cache: HIT, HIT
status: 200
content-length: 1603
x-served-by: cache-iad2130-IAD, cache-cdg20778-CDG
last-modified: Sun, 06 May 2018 09:22:14 GMT
server: cat factory 1.0
x-timer: S1553023005.901782,VS0,VE1
etag: "42cf77d7a4005fa39428ed8f6889acab"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 email-decode.min.js Show response
www.pluspremieres.ch/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
823 B 9ms
9ms Script
application/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
cookie: __cfduid=d2720fa0f88afa2eccc9107584e333f841553023003
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Tue, 12 Mar 2019 14:46:04 GMT
server: cloudflare
etag: W/"5c87c62c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800 public
cf-ray: 4ba1c8518c1b6505-FRA
expires: Thu, 21 Mar 2019 19:16:44 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40E3) /
Resource Hash: 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:44 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
Server: ECS (fcn/40E3)
Etag: "4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 28028

GET
H2 200 y9IuLFJ.png
i.imgur.com/ 14 KB
14 KB 25ms
24ms Image
image/png 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/y9IuLFJ.png
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 30ff4d6f8c955c07d5b5c528a9f1a570e05a3b5ffeb6e8b9aa62d6ce8e0fbc83

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
age: 26690398
x-cache: HIT, HIT
status: 200
content-length: 14329
x-served-by: cache-iad2151-IAD, cache-cdg20778-CDG
last-modified: Fri, 04 Aug 2017 08:37:18 GMT
server: cat factory 1.0
x-timer: S1553023005.901853,VS0,VE1
etag: "d36d5c32366cab580eec7add6b744788"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 226, 1

GET
H2 200 platform.js Show response
apis.google.com/js/ 43 KB
17 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b8ae015b0b76e15dd9946a1f3a4ce2ed3d7a3cf9420e617bfe34741bc657f9d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-8jJSbfCKDy3lk9sUjI7E0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "d105390ef66c341d99309568eade3614"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:16:44 GMT

GET
H2 200 cookienotice.js Show response
www.pluspremieres.ch/js/ 6 KB
2 KB 12ms
11ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/js/cookienotice.js

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /js/cookienotice.js
pragma: no-cache
cookie: __cfduid=d2720fa0f88afa2eccc9107584e333f841553023003
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sat, 16 Mar 2019 16:16:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
cf-ray: 4ba1c85498536505-FRA
x-xss-protection: 1; mode=block
expires: Tue, 26 Mar 2019 19:16:44 GMT

GET
H2 200 965588152-widgets.js Show response
www.blogger.com/static/v1/widgets/ 147 KB
53 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/965588152-widgets.js

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

af3d6b04b51759ab615d9b09b0674cc8087849b09dc857a572af983e9f62c3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 17 Mar 2019 23:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 17 Mar 2019 21:20:41 GMT
server: sffe
age: 157632
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 54089
x-xss-protection: 1; mode=block
expires: Mon, 16 Mar 2020 23:29:32 GMT

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
656 B 124ms
123ms Stylesheet
text/css 2a00:1450:4001:818::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7153054935638188411&zx=d56d895a-bdd1-4d74-856b-73c9daed5769

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 19 Mar 2019 19:16:44 GMT
server: GSE
date: Tue, 19 Mar 2019 19:16:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 12ms
12ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c18778f6b11083144eddc64bd02f3179e3684d5f3d703330e40647401c268530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
content-md5: NVcBOzpYkdCqNBen1PNxvw==
status: 200
date: Tue, 19 Mar 2019 19:16:44 GMT
content-length: 3221
x-fb-debug: hmWK6aoMOBU8/OHRmZefEDxOKVt88Q1NVHCHHR3yX+bdEDMU9M/Wjmsx1NdjNO+cwAACuVJqLk++DhQ0nu45ew==
x-fb-content-md5: 3557013b3a5891d0aa3417a7d4f371bf
etag: "3b757d18b4855eac13297c0747c476ca"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:26:41 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://www.pluspremieres.ch

Response headers

date: Sat, 09 Mar 2019 00:34:30 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:56 GMT
server: sffe
age: 931334
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13828
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 00:34:30 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://www.pluspremieres.ch

Response headers

date: Fri, 08 Mar 2019 23:44:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:23:20 GMT
server: sffe
age: 934364
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13944
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:44:00 GMT

GET
H2 200 5c0e4f0046e0fb0001b734e1.enc Show response
hb.vntsm.com/v2/live/ 24 KB
4 KB 8ms
7ms XHR
text/plain 108.161.188.138
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/5c0e4f0046e0fb0001b734e1.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.138 Los Angeles, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7e4eba86367c61f61229d3a46526d36c63c5976bacd90e2a82c7625f56db0486

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch

Response headers

date: Tue, 19 Mar 2019 19:16:44 GMT
content-encoding: gzip
venatus-cdn-hb-rule-version: 1.1
x-cache: HIT
status: 200
x-ip: 83.97.23.52
last-modified: Tue, 19 Mar 2019 16:01:26 GMT
server: NetDNA-cache/2.2
etag: W/"63f1ef88bb61146f10e999241ebe8beb"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.pluspremieres.ch
access-control-expose-headers: X-Geo, Content-Type
cache-control: max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: X-Geo, Content-Type
x-geo: DE

GET
H/1.1 200
OK searchwhite.svg
host.pluspremieres.us/files/ 663 B
940 B 181ms
181ms Image
image/svg+xml 199.192.25.127
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://host.pluspremieres.us/files/searchwhite.svg
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.192.25.127 New York, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: a9c2a6ffdcef18f4a7ce28d02bafe9ec525931a4d919b046df52f13ab7a61319

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:45 GMT
Last-Modified: Mon, 14 May 2018 23:02:32 GMT
Server: Apache
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 663

GET
H/1.1 200
OK gearblack.svg
host.pluspremieres.us/files/ 2 KB
3 KB 366ms
185ms Image
image/svg+xml 199.192.25.127
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://host.pluspremieres.us/files/gearblack.svg
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.192.25.127 New York, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 66a4cd925666b4f0bfb9c5ea5104d62843ff202a8701c12082c0849d64c6d127

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:45 GMT
Last-Modified: Mon, 14 May 2018 23:02:26 GMT
Server: Apache
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2333

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:300,400,700,900
Origin: https://www.pluspremieres.ch

Response headers

date: Fri, 08 Mar 2019 23:20:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:24:00 GMT
server: sffe
age: 935771
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14076
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:20:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48007615-1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 5391
date: Tue, 19 Mar 2019 17:46:54 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Tue, 19 Mar 2019 19:46:54 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 192 KB
193 KB 44ms
12ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=dbeb858be0d0de85c6cd8196657d71ee&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

8a829aa1ce77555b15b678abd75628ff42e96c12eaacfcb940572c38c5250b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
content-md5: oTWs0CqQDvP9ld0mRapFuQ==
status: 200
date: Tue, 19 Mar 2019 19:16:45 GMT
content-length: 197094
x-fb-debug: yC/RUCf3MIb6aXlnIUsv7b0MgpV75zvu4mVyitzUX6r2N6+NtUCNS/YSBGmrZ5vJ3nXg1L3fc52kShTLjAW5AA==
x-fb-content-md5: a135acd02a900ef3fd95dd2645aa45b9
etag: "157a29182844658e5e3bfa9e592e657d"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 18 Mar 2020 18:37:15 GMT

GET
H/1.1 200
OK tag.js Show response
mc.yandex.ru/metrika/ 330 KB
85 KB 24ms
23ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

162072d3665e40d8eca37c2a59f53e28b12274559de9105ffe0f0c173d2e93d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:45 GMT
Content-Encoding: br
Last-Modified: Tue, 19 Mar 2019 10:40:32 GMT
Server: nginx/1.12.2
ETag: "5c90c720-15240"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 86592
Expires: Tue, 19 Mar 2019 20:16:45 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v11/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v11/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro
Origin: https://www.pluspremieres.ch

Response headers

date: Sat, 09 Mar 2019 00:12:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:48 GMT
server: sffe
age: 932638
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12960
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 00:12:47 GMT

GET
H2 200 / Show response
www.pluspremieres.ch/feeds/posts/default/-/Album/New%20Music/ 255 KB
52 KB 225ms
224ms XHR
application/json 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/-/Album/New%20Music/?start-index=1&max-results=40&orderby=published&alt=json

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e0de245c61049a28b1d09f12f2ec0f8bd49dc22d1bf0b10b83957e6a482b03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Album/New%20Music/?start-index=1&max-results=40&orderby=published&alt=json
pragma: no-cache
cookie: __cfduid=d2720fa0f88afa2eccc9107584e333f841553023003
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pluspremieres.ch
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.pluspremieres.ch/
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 19:08:56 GMT
server: cloudflare
etag: W/"f1f18776c471e2fdb15982ac40230dc9281f90457b523ade7e58a4de155845f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c85579646505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:46 GMT

GET
H2 200 GloToven.jpg
1.bp.blogspot.com/-mx0dzFCGYj4/XIrEoOWQ2sI/AAAAAAAAAC4/RaxlZQnYQsktebnp-hFhMbTqCNn_Bfz_gCK4BGAYYCw/s300-c/ 72 KB
72 KB 22ms
18ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mx0dzFCGYj4/XIrEoOWQ2sI/AAAAAAAAAC4/RaxlZQnYQsktebnp-hFhMbTqCNn_Bfz_gCK4BGAYYCw/s300-c/GloToven.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

5fe15c5edf2a7553badaa88c0d4c11539d73277770de5da7a4ae36a2493e01dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 17:57:07 GMT
x-content-type-options: nosniff
age: 4778
status: 200
content-disposition: inline;filename="GloToven.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 73222
x-xss-protection: 1; mode=block
server: fife
etag: "v2f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 13:53:37 GMT

GET
H2 200 Crazy%2BBut%2BIt%2527s%2BTrue.jpg
2.bp.blogspot.com/-S9JE2eZ0wKQ/XImtnYxh5SI/AAAAAAAAAAw/nUey40_ZmPAY5MF1cYP4se2C_OPhrBoXwCK4BGAYYCw/s300-c/ 32 KB
32 KB 25ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-S9JE2eZ0wKQ/XImtnYxh5SI/AAAAAAAAAAw/nUey40_ZmPAY5MF1cYP4se2C_OPhrBoXwCK4BGAYYCw/s300-c/Crazy%2BBut%2BIt%2527s%2BTrue.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

2a9097c57761880f31cf1f2efe2ad086aec265c2facb09b103f97c61036b92dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 17:58:43 GMT
x-content-type-options: nosniff
age: 4682
status: 200
content-disposition: inline;filename="Crazy But It's True.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 32297
x-xss-protection: 1; mode=block
server: fife
etag: "ve"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 13:57:54 GMT

GET
H2 200 300x300sr.jpg
is5-ssl.mzstatic.com/image/thumb/Music114/v4/3b/32/c6/3b32c61e-0d4a-6dcb-4c75-d55248b780f2/source/ 20 KB
20 KB 13ms
10ms Image
image/jpeg 2a02:26f0:64:5a7::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is5-ssl.mzstatic.com/image/thumb/Music114/v4/3b/32/c6/3b32c61e-0d4a-6dcb-4c75-d55248b780f2/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a7::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b93de7d6f42a7dc726a339610ffe8d21b0aafadf4b2593b05aea0ee3fa3fd248

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: EOQP7B2L6ZY3YQRF4EBWJ2Y7OU
date: Tue, 19 Mar 2019 19:16:45 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"IEPyKASFp6uo8jjwjLdg2A==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 23a0ff87-4bf6-71bc-4225-e10364eb1f75
last-modified: Thu, 07 Mar 2019 03:04:13 GMT
content-length: 20322
cache-control: no-transform, max-age=14311338

GET
H2 200 Run%2BWild%2BRun%2BFree%2B-%2BEP%2B7.jpg
1.bp.blogspot.com/-L6nj0DIe63k/XIp3Yx4BlVI/AAAAAAAAACI/b99QYq5zcR4JtEks6Idjqa7O3peD_P_zwCK4BGAYYCw/s300-c/ 49 KB
49 KB 18ms
14ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-L6nj0DIe63k/XIp3Yx4BlVI/AAAAAAAAACI/b99QYq5zcR4JtEks6Idjqa7O3peD_P_zwCK4BGAYYCw/s300-c/Run%2BWild%2BRun%2BFree%2B-%2BEP%2B7.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

e34b4151f81a537467097e21d56ff8c2079f823bd6127ec700fe307ec2153428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 17:58:43 GMT
x-content-type-options: nosniff
age: 4682
status: 200
content-disposition: inline;filename="Run Wild Run Free - EP 7.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 49810
x-xss-protection: 1; mode=block
server: fife
etag: "v23"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 09:56:19 GMT

GET
H2 200 Greyson%2BChance%2B-%2Bportraits.jpg
1.bp.blogspot.com/-RFJXL1S62f0/XIphiLaA3TI/AAAAAAAAAbg/ij6yiaJ_Q0oi-q3AnvlkvlTMI9SG5jtHgCLcBGAs/s300-c/ 18 KB
18 KB 16ms
12ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-RFJXL1S62f0/XIphiLaA3TI/AAAAAAAAAbg/ij6yiaJ_Q0oi-q3AnvlkvlTMI9SG5jtHgCLcBGAs/s300-c/Greyson%2BChance%2B-%2Bportraits.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

c379e2ec030ae5c8656f91f13391e6772b5501348eb35288c9e920fa768340bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 18:54:35 GMT
x-content-type-options: nosniff
age: 1330
status: 200
content-disposition: inline;filename="Greyson Chance - portraits.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 18191
x-xss-protection: 1; mode=block
server: fife
etag: "v1b9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 14:41:30 GMT

GET
H2 200 4.jpg
2.bp.blogspot.com/-owPVQjyUxU0/XIr6oiaSkRI/AAAAAAAAAbA/dhKkR9h6xaEuUbsHmIrhyjeoc69l0vULACLcBGAs/s300-c/ 27 KB
27 KB 25ms
9ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-owPVQjyUxU0/XIr6oiaSkRI/AAAAAAAAAbA/dhKkR9h6xaEuUbsHmIrhyjeoc69l0vULACLcBGAs/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

3bab57e4509bc59558dedc4a01bdd70472f11c0af541bb9ce027e20923e218a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 17:58:43 GMT
x-content-type-options: nosniff
age: 4682
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27693
x-xss-protection: 1; mode=block
server: fife
etag: "v1b1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 09:56:18 GMT

GET
H2 200 300x300sr.jpg
is3-ssl.mzstatic.com/image/thumb/Music124/v4/2f/2b/20/2f2b2094-b55e-b1be-ca90-ec6cbfee1d60/source/ 22 KB
22 KB 10ms
7ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is3-ssl.mzstatic.com/image/thumb/Music124/v4/2f/2b/20/2f2b2094-b55e-b1be-ca90-ec6cbfee1d60/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: d1f66bdf33eb7f40a883d9571db4b219d538bf2216c6af873b5dccfb2054d951

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: LHP2JNX2XSLEXWHLBOD535QOSU
date: Tue, 19 Mar 2019 19:16:45 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"5/ztblSFGY8dBNrIcnCPxw==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 59dfa4b6-fabc-964b-d8eb-0b87ddf60e95
last-modified: Fri, 15 Mar 2019 05:27:41 GMT
content-length: 22029
cache-control: no-transform, max-age=16248937

GET
H2 200 4%25281%2529.jpg
1.bp.blogspot.com/-DyR9PBGyGKs/XIoTNZF9FkI/AAAAAAAAAa0/kjWb4OYbQQgvM71OHYwDLtIDZxrT0PEMQCLcBGAs/s300-c/ 52 KB
52 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-DyR9PBGyGKs/XIoTNZF9FkI/AAAAAAAAAa0/kjWb4OYbQQgvM71OHYwDLtIDZxrT0PEMQCLcBGAs/s300-c/4%25281%2529.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ade11d0b14b1cfb98bcc37875b55d09a498a697e24f520eb76701afdd8928223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 17:58:43 GMT
x-content-type-options: nosniff
age: 4682
status: 200
content-disposition: inline;filename="4(1).jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 53129
x-xss-protection: 1; mode=block
server: fife
etag: "v1ae"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 09:56:19 GMT

GET
H2 200 300x300sr.jpg
is1-ssl.mzstatic.com/image/thumb/Music124/v4/01/74/e9/0174e966-f6d1-1307-8afb-2b20113a4408/source/ 31 KB
32 KB 15ms
12ms Image
image/jpeg 2a02:26f0:64:5a1::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is1-ssl.mzstatic.com/image/thumb/Music124/v4/01/74/e9/0174e966-f6d1-1307-8afb-2b20113a4408/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a1::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: ed29b9a8658091a5d931c6e65d11783ae4414e1d13e565522202622c319e0dc0

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: SPGRLPTEHWHWMHDBGIQ3SNKZLI
date: Tue, 19 Mar 2019 19:16:45 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"ek4y6zvxdwZ/hCAtfs+13g==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 93cd15be-643d-8f66-1c61-3221b935595a
last-modified: Thu, 14 Mar 2019 22:46:56 GMT
content-length: 32114
cache-control: no-transform, max-age=14389904

GET
H2 200 300x300sr.jpg
is2-ssl.mzstatic.com/image/thumb/Music124/v4/11/6f/c6/116fc640-c64d-b38d-986d-e09b11eb518b/source/ 18 KB
18 KB 10ms
8ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Music124/v4/11/6f/c6/116fc640-c64d-b38d-986d-e09b11eb518b/source/300x300sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

2ee672ac0b18a5805e5f164891e45e7597a0897cb2b6f44c671fed2a59bc445f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: XD2YC6IF3IXXLB2D4YFFC7ZX
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C37
status: 200
date: Tue, 19 Mar 2019 19:16:45 GMT
last-modified: Thu, 14 Mar 2019 22:46:54 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 18181
cache-control: no-transform, max-age=15431923
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"P4EzxPs244fkfJNWoJft8w==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: b8f58179-05da-2f75-8743-e60a517f37

GET
H2 200 / Show response
www.pluspremieres.ch/feeds/posts/default/-/Single/New%20Music/ 258 KB
50 KB 148ms
147ms XHR
application/json 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/-/Single/New%20Music/?start-index=1&max-results=40&orderby=published&alt=json

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c7f2f5d3b783bdc442a883c83237abfcbd440426589bdc913dc6f2e53f8c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Single/New%20Music/?start-index=1&max-results=40&orderby=published&alt=json
pragma: no-cache
cookie: __cfduid=d2720fa0f88afa2eccc9107584e333f841553023003
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pluspremieres.ch
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.pluspremieres.ch/
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 19:08:56 GMT
server: cloudflare
etag: W/"f1b2c8752c954ffc70c95d1ae9d0abecd5a4cdccad9c5045b4b5197a809c6776"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c857abf66505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:46 GMT

GET
H2 200 4.jpg
3.bp.blogspot.com/-LlpLk-9_I2I/XJE-LlWT3zI/AAAAAAAAAdI/eldP-trj6YYsPhaZ2xtjOzfmOCMJcwdFQCLcBGAs/s120-c/ 5 KB
6 KB 34ms
2ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-LlpLk-9_I2I/XJE-LlWT3zI/AAAAAAAAAdI/eldP-trj6YYsPhaZ2xtjOzfmOCMJcwdFQCLcBGAs/s120-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

de0f5de75752225e3f2f1900b0e1f708d80e83f5b60c3abba34d024c0e18760c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:10:25 GMT
x-content-type-options: nosniff
age: 380
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 5543
x-xss-protection: 1; mode=block
server: fife
etag: "v1d2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 19:10:25 GMT

GET
H2 200 4.jpg
3.bp.blogspot.com/-6S-PcrraYxo/XJE9txdNlYI/AAAAAAAAAdA/ZKKedUdSDZ0otoV4hXPnpRonOj-FxthDACLcBGAs/s120-c/ 5 KB
5 KB 38ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-6S-PcrraYxo/XJE9txdNlYI/AAAAAAAAAdA/ZKKedUdSDZ0otoV4hXPnpRonOj-FxthDACLcBGAs/s120-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

fe8e1aa1d1154caa81c9a86669f899bdd92be36cd2141f7d9ab94e2b53a09d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:08:12 GMT
x-content-type-options: nosniff
age: 513
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 5083
x-xss-protection: 1; mode=block
server: fife
etag: "v1d1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 19:08:12 GMT

GET
H2 200 120x120sr.jpg
is5-ssl.mzstatic.com/image/thumb/Music123/v4/3d/e7/d7/3de7d70f-79c4-8933-f0aa-2bddff635617/source/ 7 KB
8 KB 24ms
18ms Image
image/jpeg 2a02:26f0:64:5a7::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Music123/v4/3d/e7/d7/3de7d70f-79c4-8933-f0aa-2bddff635617/source/120x120sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:5a7::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

9bb4ebc60847e8f711f8633aed4b077ea76a3c4d329ec687e7a1c02be35978ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: TBP4ROVD737YCVKNFUYBLKLW
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C37
status: 200
date: Tue, 19 Mar 2019 19:16:45 GMT
last-modified: Mon, 18 Mar 2019 18:44:12 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 7657
cache-control: no-transform, max-age=16589999
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"2tP6DRLuyLNGX5oTMEM33Q==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 985fc8ba-a3fe-ff81-554d-2d3015a976

GET
H2 200 4.jpg
1.bp.blogspot.com/-uVSDrofafyU/XI_tAFr26sI/AAAAAAAAAck/eR84Fb-pmUo-Nhj4opPfyfZQ_q4AUDuRgCEwYBhgL/s120-c/ 9 KB
10 KB 22ms
16ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uVSDrofafyU/XI_tAFr26sI/AAAAAAAAAck/eR84Fb-pmUo-Nhj4opPfyfZQ_q4AUDuRgCEwYBhgL/s120-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

32df04a768f587b2b319d24353504f771ca9dd7d7554ba2fc1f4e4b7d2e6b820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:22:33 GMT
x-content-type-options: nosniff
age: 10452
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9692
x-xss-protection: 1; mode=block
server: fife
etag: "v1ca"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:12:51 GMT

GET
H2 200 4.jpg
1.bp.blogspot.com/-D7EwHUd55pk/XI_ps7NU2qI/AAAAAAAAAcQ/NBClKg4MNbUa5HmKiSeyJ_CfJNp-4SiKQCLcBGAs/s120-c/ 11 KB
11 KB 21ms
16ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-D7EwHUd55pk/XI_ps7NU2qI/AAAAAAAAAcQ/NBClKg4MNbUa5HmKiSeyJ_CfJNp-4SiKQCLcBGAs/s120-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

f2b0112894aebb887551cc82a618f8792c983f5f2b353771e37d6e1af4ce128d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 15:25:42 GMT
x-content-type-options: nosniff
age: 13863
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 11223
x-xss-protection: 1; mode=block
server: fife
etag: "v1c4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:01:53 GMT

GET
H2 200 4.jpg
1.bp.blogspot.com/-H4-wFXfnqQc/XI_pNr7rJ5I/AAAAAAAAAcI/jVQxdnq07Kw3JaHWDw30qmsnrH6Kf-5QgCLcBGAs/s120-c/ 8 KB
8 KB 20ms
14ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-H4-wFXfnqQc/XI_pNr7rJ5I/AAAAAAAAAcI/jVQxdnq07Kw3JaHWDw30qmsnrH6Kf-5QgCLcBGAs/s120-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

1cab89fb914e3917a52f693063b431815b3ba125b904364c4fe72a582bd70eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 15:25:42 GMT
x-content-type-options: nosniff
age: 13863
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8068
x-xss-protection: 1; mode=block
server: fife
etag: "v1c3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:01:53 GMT

GET
H2 200 01%2BSober%2B%2528feat.%2BRae%2BSremmurd%2B%2526%2BStana.jpg
1.bp.blogspot.com/-TpvrQ5lHGcc/XJAM-M_BbwI/AAAAAAAAAdk/FPZjHo5Fkk4h1ZK41jes_FJHneir5TI8gCLcBGAs/s120-c/ 2 KB
3 KB 22ms
17ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-TpvrQ5lHGcc/XJAM-M_BbwI/AAAAAAAAAdk/FPZjHo5Fkk4h1ZK41jes_FJHneir5TI8gCLcBGAs/s120-c/01%2BSober%2B%2528feat.%2BRae%2BSremmurd%2B%2526%2BStana.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

fc159f07b81acd720040974f40fd632b00715cf636882b2aace9227d98dd4366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 18:10:49 GMT
x-content-type-options: nosniff
age: 3956
status: 200
content-disposition: inline;filename="01 Sober (feat. Rae Sremmurd & Stana.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2511
x-xss-protection: 1; mode=block
server: fife
etag: "v1d9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 21:26:44 GMT

GET
H2 200 4%25281%2529.jpg
1.bp.blogspot.com/-ADeyCuMNJiE/XInTPJTuW7I/AAAAAAAAAac/Rn0o0NQ_VAMnpA3RdMD9tXbVjNMTj_U8wCLcBGAs/s120-c/ 4 KB
4 KB 21ms
16ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ADeyCuMNJiE/XInTPJTuW7I/AAAAAAAAAac/Rn0o0NQ_VAMnpA3RdMD9tXbVjNMTj_U8wCLcBGAs/s120-c/4%25281%2529.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

5d5e52a8e6869d32c466730c6f77b3749a6ad42f348b8ad4bbfd929762a48abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 17:57:08 GMT
x-content-type-options: nosniff
age: 4777
status: 200
content-disposition: inline;filename="4(1).jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3678
x-xss-protection: 1; mode=block
server: fife
etag: "v1a8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 13:53:39 GMT

GET
H2 200 120x120sr.jpg
is1-ssl.mzstatic.com/image/thumb/Music123/v4/df/76/73/df7673c3-6afe-d79e-8080-435ddd6b9053/source/ 4 KB
5 KB 22ms
18ms Image
image/jpeg 2a02:26f0:64:5a1::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is1-ssl.mzstatic.com/image/thumb/Music123/v4/df/76/73/df7673c3-6afe-d79e-8080-435ddd6b9053/source/120x120sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a1::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 2f7b4f6bda461b47c9d42d29441dc049607f613facbdd721582f126cea66ef36

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: VZYURM2NPORPHBZIFHPGQQ2XX4
date: Tue, 19 Mar 2019 19:16:45 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"IN8e/pbrcR+MQBZM7j7PHQ==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: ae7148b3-4d7b-a2f3-8728-29de684357bf
last-modified: Fri, 15 Mar 2019 05:04:26 GMT
content-length: 4150
cache-control: no-transform, max-age=15987743

GET
H2 200 120x120sr.jpg
is3-ssl.mzstatic.com/image/thumb/Music113/v4/d2/5d/3e/d25d3e70-48f2-cf8b-9fbb-844f282ea920/source/ 7 KB
7 KB 17ms
13ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is3-ssl.mzstatic.com/image/thumb/Music113/v4/d2/5d/3e/d25d3e70-48f2-cf8b-9fbb-844f282ea920/source/120x120sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b7f80ad4e6759fe2fd089ed1a3066a10fbc0d0e740655bdd0ff517234bb79942

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: MIJMFH5G6BLRBCVPIXMA5FOGKY
date: Tue, 19 Mar 2019 19:16:45 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"HvZyIUXhvcpdVKvqH/p25w==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 6212c29f-a6f0-5710-8aaf-45d80e95c656
last-modified: Fri, 15 Mar 2019 04:40:07 GMT
content-length: 6771
cache-control: no-transform, max-age=14165561

GET
H2 200 Beast%2BCoast%2B-%2BLeft%2BHand%2B-%2BSingle%2B%2528feat.%2BJoey%2BBada%2524%2524%252C%2BFlatbush%2BZombies%252C%2BThe%2BUnderachievers%252C%2BKirk%2BKnight%252C%2BNyck%2BCaution%2B%2526%2BCJ%2BFly...
2.bp.blogspot.com/-5qAitVI09D0/XIbtw097VSI/AAAAAAAAAZg/o8wNrKqzf2I9i5aVncu_hr9MqVPHqfwoACLcBGAs/s120-c/ 9 KB
9 KB 14ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-5qAitVI09D0/XIbtw097VSI/AAAAAAAAAZg/o8wNrKqzf2I9i5aVncu_hr9MqVPHqfwoACLcBGAs/s120-c/Beast%2BCoast%2B-%2BLeft%2BHand%2B-%2BSingle%2B%2528feat.%2BJoey%2BBada%2524%2524%252C%2BFlatbush%2BZombies%252C%2BThe%2BUnderachievers%252C%2BKirk%2BKnight%252C%2BNyck%2BCaution%2B%2526%2BCJ%2BFly%2529%2B-%2BSingle.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

766636ed6485a0dd20cb23781e841074a2219e03fb77a5869f7ead96586cbb07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 17:58:43 GMT
x-content-type-options: nosniff
age: 4682
status: 200
content-disposition: inline;filename="Beast Coast - Left Hand - Single (feat. Joey Bada$$, Flatbush Zombies, The Underachievers, Kirk Knight, Nyck Caution & CJ Fly) - Single.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8763
x-xss-protection: 1; mode=block
server: fife
etag: "v199"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 13:57:55 GMT

GET
H2 200 120x120sr.jpg
is1-ssl.mzstatic.com/image/thumb/Music113/v4/23/6d/a5/236da5c2-b414-e907-bdd1-a362868c59e2/source/ 4 KB
5 KB 15ms
10ms Image
image/jpeg 2a02:26f0:64:5a1::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is1-ssl.mzstatic.com/image/thumb/Music113/v4/23/6d/a5/236da5c2-b414-e907-bdd1-a362868c59e2/source/120x120sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a1::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 9c2fc94345cb107425b4eb959acb88b0086d9fd8b2b3982b95bfa86f36aa0320

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: TQADWOSYMPD4XUV5ODIPR3MCZY
date: Tue, 19 Mar 2019 19:16:45 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"X5niwm8d54xeOzFIPYhNUg==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 9c003b3a-5863-c7cb-d2bd-70d0f8ed82ce
last-modified: Thu, 14 Mar 2019 14:50:07 GMT
content-length: 4238
cache-control: no-transform, max-age=14447864

GET
H2 200 authorization.css
www.blogger.com/dyn-css/ 1 B
114 B 135ms
132ms Stylesheet
text/css 2a00:1450:4001:818::2009
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7153054935638188411&zx=d56d895a-bdd1-4d74-856b-73c9daed5769

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2009 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 21
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 19 Mar 2019 19:16:45 GMT
server: GSE
date: Tue, 19 Mar 2019 19:16:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK explicit.svg
host.pluspremieres.us/files/ 3 KB
3 KB 181ms
180ms Image
image/svg+xml 199.192.25.127
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://host.pluspremieres.us/files/explicit.svg
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.192.25.127 New York, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: afc02d5cf160664e3cf76fdf5c8595daff9deab1542c71919592982b055bec5f

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:45 GMT
Last-Modified: Mon, 14 May 2018 23:02:25 GMT
Server: Apache
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2844

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=2014933441&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pluspremieres.ch%2F&ul=en-us&de=UTF-8&dt=Plus%20Premieres%20%7C%20New%20music%20every%20Thurs...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-48007615-1&cid=1225878782.1553023006&jid=1855353240&_gid=1344836576.1553023006&gjid=303338761&_v=j73&z=29388285
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48007615-1&cid=1225878782.1553023006&jid=1855353240&_v=j73&z=29388285
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48007615-1&cid=1225878782.1553023006&jid=1855353240&_v=j73&z=29388285&slf_rd=1&random=2644174431

42 B
109 B

23ms
20ms

Image
image/gif

2a00:1450:4001:820::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48007615-1&cid=1225878782.1553023006&jid=1855353240&_v=j73&z=29388285&slf_rd=1&random=2644174431

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2019 19:16:47 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Mar 2019 19:16:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48007615-1&cid=1225878782.1553023006&jid=1855353240&_v=j73&z=29388285&slf_rd=1&random=2644174431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.pluspremieres.ch/feeds/posts/default/-/Pre-Order/Album/ 237 KB
49 KB 152ms
150ms XHR
application/json 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/-/Pre-Order/Album/?start-index=1&max-results=40&orderby=published&alt=json

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a015e76f3770c9b8c0c0979c8ada33b9c6414ec26b69c54c1d8ae963463e0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Pre-Order/Album/?start-index=1&max-results=40&orderby=published&alt=json
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pluspremieres.ch
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.pluspremieres.ch/
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:45 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
last-modified: Tue, 19 Mar 2019 19:08:56 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9922895c8993bff7eb5f8e999988e005ef1bd75cfb1f8fde615fe463bd6df524"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
set-cookie: __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; expires=Wed, 18-Mar-20 19:16:45 GMT; path=/; domain=.pluspremieres.ch; HttpOnly
cf-ray: 4ba1c85a0f266505-FRA
expires: Tue, 19 Mar 2019 19:16:46 GMT

GET
H2 200 The%2BWorld%2BIs%2BYours%2B2.jpg
2.bp.blogspot.com/-3xEiRCR5eyw/XD6mPF_Bo3I/AAAAAAAAABE/S2nmZbYT3vI9OT9p7qYCXLiCQs1IG633ACK4BGAYYCw/s300-c/ 32 KB
33 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-3xEiRCR5eyw/XD6mPF_Bo3I/AAAAAAAAABE/S2nmZbYT3vI9OT9p7qYCXLiCQs1IG633ACK4BGAYYCw/s300-c/The%2BWorld%2BIs%2BYours%2B2.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ce9196efb3ebaaf596f737ee958a2a4775cd1d63570253a96f6932267325a932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:27:08 GMT
x-content-type-options: nosniff
age: 10178
status: 200
content-disposition: inline;filename="The World Is Yours 2.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 33208
x-xss-protection: 1; mode=block
server: fife
etag: "v12"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:55:51 GMT

GET
H2 200 4%25283%2529.jpg
2.bp.blogspot.com/-fVA5DExP4lY/XFIA3l05_yI/AAAAAAAAAFM/MXUJoD1-RVQGOZTR1Ylud9mVr-Wcq-XPwCEwYBhgL/s300-c/ 12 KB
12 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-fVA5DExP4lY/XFIA3l05_yI/AAAAAAAAAFM/MXUJoD1-RVQGOZTR1Ylud9mVr-Wcq-XPwCEwYBhgL/s300-c/4%25283%2529.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

946d49c91f0be02de2248185fd72c788f3f9a5eef93db8459fabf09e05856bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 17:34:50 GMT
x-content-type-options: nosniff
age: 6116
status: 200
content-disposition: inline;filename="4(3).jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 12280
x-xss-protection: 1; mode=block
server: fife
etag: "v54"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 09:23:33 GMT

GET
H2 200 300x300sr.jpg
is5-ssl.mzstatic.com/image/thumb/Music118/v4/32/bd/64/32bd6499-4e72-7003-e715-1a70c36645ef/source/ 21 KB
21 KB 11ms
8ms Image
image/jpeg 2a02:26f0:64:5a7::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is5-ssl.mzstatic.com/image/thumb/Music118/v4/32/bd/64/32bd6499-4e72-7003-e715-1a70c36645ef/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a7::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: ff90b55df39d73a961ce8eaed2359b99f06ae460e39b9e558af6a595abf1562e

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: 3AHPV2QY54P53Y6GVP6UZXYLKU
date: Tue, 19 Mar 2019 19:16:46 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"+DlqXDST608eG+uHQKDxFg==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: d80efaea-18ef-1fdd-e3c6-abfd4cdf0b55
last-modified: Wed, 27 Feb 2019 21:56:03 GMT
content-length: 21482
cache-control: no-transform, max-age=16076458

GET
H2 200 300x300sr.jpg
is3-ssl.mzstatic.com/image/thumb/Music114/v4/b4/f8/66/b4f866d5-0534-939f-daa5-5980bfc03e5b/source/ 30 KB
30 KB 13ms
9ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is3-ssl.mzstatic.com/image/thumb/Music114/v4/b4/f8/66/b4f866d5-0534-939f-daa5-5980bfc03e5b/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: ecc5654be8efbcc7918a742c688b5a766e61af569e5f1d1009cafc4d9c9a1338

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: WQEV7ERNY5PAA75DD3MW4SR3L4
date: Tue, 19 Mar 2019 19:16:46 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"XNnt/sK/0JPVoq4/dT0p4g==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: b4095f92-2dc7-5e00-7fa3-1ed96e4a3b5f
last-modified: Thu, 14 Mar 2019 23:35:58 GMT
content-length: 30687
cache-control: no-transform, max-age=15693633

GET
H2 200 4.jpg
1.bp.blogspot.com/-uVSDrofafyU/XI_tAFr26sI/AAAAAAAAAck/NyHROv4WDkQTXLZj_uMW_7g7OkMgH6p7QCLcBGAs/s300-c/ 43 KB
44 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uVSDrofafyU/XI_tAFr26sI/AAAAAAAAAck/NyHROv4WDkQTXLZj_uMW_7g7OkMgH6p7QCLcBGAs/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

494becc937f3e98c3de5df1f4f693d5edc9d77ac38608171e16eb180c1167a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:27:08 GMT
x-content-type-options: nosniff
age: 10178
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 44459
x-xss-protection: 1; mode=block
server: fife
etag: "v1c9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:10:36 GMT

GET
H2 200 300x300sr.jpg
is2-ssl.mzstatic.com/image/thumb/Music114/v4/9f/ad/52/9fad5203-5f44-df61-41f5-65e833f2be84/source/ 8 KB
9 KB 18ms
12ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is2-ssl.mzstatic.com/image/thumb/Music114/v4/9f/ad/52/9fad5203-5f44-df61-41f5-65e833f2be84/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 6c4b4056e38fbaef425792a87708636d324e9709fe385bfc036bc8ee67522835

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: POPYTX7PGVP6XSHTXOG237IXPU
date: Tue, 19 Mar 2019 19:16:46 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"LmZfIyDvJ7/pRiCzkCsJaA==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 7b9f89df-ef35-5feb-c8f3-bb8dadfd177d
last-modified: Wed, 27 Feb 2019 21:49:31 GMT
content-length: 8558
cache-control: no-transform, max-age=13708536

GET
H2 200 300x300sr.jpg
is3-ssl.mzstatic.com/image/thumb/Music124/v4/a1/08/bf/a108bf78-7e36-9762-5906-b5b5b31c1e61/source/ 23 KB
23 KB 18ms
13ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is3-ssl.mzstatic.com/image/thumb/Music124/v4/a1/08/bf/a108bf78-7e36-9762-5906-b5b5b31c1e61/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 7718cbd0ca1f3556f995e69403036f21b519246fb08012d7fc120155b2fe0f2a

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: AWXCY6ID23L2YO3NCDSD7QSILI
date: Tue, 19 Mar 2019 19:16:46 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"XGAPe6zDpQa7r2q7sSWsYA==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 05ae2c79-03d6-d7ac-3b6d-10e43fc2485a
last-modified: Thu, 14 Mar 2019 23:35:52 GMT
content-length: 23208
cache-control: no-transform, max-age=16375274

GET
H2 200 Norman%2BFucking%2BRockwell.jpg
4.bp.blogspot.com/-E9bTA87mLmI/XIrjdWb2T-I/AAAAAAAAAD4/JcjM9ok9CX8o9s_pF-eXoKodUPfkzVqCgCK4BGAYYCw/s300-c/ 30 KB
30 KB 40ms
12ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-E9bTA87mLmI/XIrjdWb2T-I/AAAAAAAAAD4/JcjM9ok9CX8o9s_pF-eXoKodUPfkzVqCgCK4BGAYYCw/s300-c/Norman%2BFucking%2BRockwell.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

c7f2a667648f4b844f77e1db1ab95591280b302d689e67475850e86f16e0f55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:27:08 GMT
x-content-type-options: nosniff
age: 10178
status: 200
content-disposition: inline;filename="Norman Fucking Rockwell.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30529
x-xss-protection: 1; mode=block
server: fife
etag: "v3f"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 15:57:56 GMT

GET
H2 200 Free%2BSpirit.jpg
2.bp.blogspot.com/-oj51YP0p4ZA/XIE_RS4dF7I/AAAAAAAAACI/JR6XH0ne5L4yAoRYniUvm1sdaMNEAImVwCK4BGAYYCw/s300-c/ 35 KB
36 KB 10ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-oj51YP0p4ZA/XIE_RS4dF7I/AAAAAAAAACI/JR6XH0ne5L4yAoRYniUvm1sdaMNEAImVwCK4BGAYYCw/s300-c/Free%2BSpirit.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

bf2d030e40d06be6ebc568ad4a185fe915573fdec86624975d5f9c38eab1ee2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:27:08 GMT
x-content-type-options: nosniff
age: 10178
status: 200
content-disposition: inline;filename="Free Spirit.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 36324
x-xss-protection: 1; mode=block
server: fife
etag: "v23"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 00:02:13 GMT

GET
H2 200 300x300sr.jpg
is5-ssl.mzstatic.com/image/thumb/Music123/v4/a3/2c/ad/a32cad24-70d3-27a0-e462-674aa9c1760a/source/ 9 KB
9 KB 9ms
8ms Image
image/jpeg 2a02:26f0:64:5a7::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Music123/v4/a3/2c/ad/a32cad24-70d3-27a0-e462-674aa9c1760a/source/300x300sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:5a7::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

ed1b380e036de59fea5b588c8b77e3f07988483dc0921b2d37bcbc8d1b1514e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: AOHKEYV6BRKCZLT2CLIEVF7P
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C32
status: 200
date: Tue, 19 Mar 2019 19:16:46 GMT
last-modified: Thu, 14 Mar 2019 14:43:21 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 8734
cache-control: no-transform, max-age=15675381
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"z/917kjjob/qUYlOn3cgNg==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 038ea262-be0c-542c-ae7a-12d04a97ef

GET
H2 200 / Show response
www.pluspremieres.ch/feeds/posts/default/ 245 KB
49 KB 216ms
213ms XHR
application/json 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/?start-index=1&max-results=40&orderby=updated&alt=json

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5580f18519ebd4d9a6acc8135532b915d2bb5677a83b8567fc970e4a97b573a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/?start-index=1&max-results=40&orderby=updated&alt=json
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pluspremieres.ch
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.pluspremieres.ch/
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 19:08:56 GMT
server: cloudflare
etag: W/"070b0407ea29b0f3da9568334ccfbe67aa867aded06c919ab7cea214996538b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c85bc9276505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:47 GMT

GET
H2 200 4.jpg
3.bp.blogspot.com/-LlpLk-9_I2I/XJE-LlWT3zI/AAAAAAAAAdI/eldP-trj6YYsPhaZ2xtjOzfmOCMJcwdFQCLcBGAs/s300-c/ 30 KB
30 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-LlpLk-9_I2I/XJE-LlWT3zI/AAAAAAAAAdI/eldP-trj6YYsPhaZ2xtjOzfmOCMJcwdFQCLcBGAs/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

cbcaf50acbed1b528bc0fd71b6e637a3508fd7365d2dca0590d6a00d31543bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:10:25 GMT
x-content-type-options: nosniff
age: 381
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30413
x-xss-protection: 1; mode=block
server: fife
etag: "v1d2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 19:10:25 GMT

GET
H2 200 4.jpg
3.bp.blogspot.com/-6S-PcrraYxo/XJE9txdNlYI/AAAAAAAAAdA/ZKKedUdSDZ0otoV4hXPnpRonOj-FxthDACLcBGAs/s300-c/ 23 KB
23 KB 25ms
24ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-6S-PcrraYxo/XJE9txdNlYI/AAAAAAAAAdA/ZKKedUdSDZ0otoV4hXPnpRonOj-FxthDACLcBGAs/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

144379243353aa6052f8f7b9568db548267a5fac359db22df7d90ebfe88d1b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:08:16 GMT
x-content-type-options: nosniff
age: 510
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 23204
x-xss-protection: 1; mode=block
server: fife
etag: "v1d1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 19:08:16 GMT

GET
H2 200 4.jpg
1.bp.blogspot.com/-XLrTyUpIaWI/XJE9VgDClNI/AAAAAAAAAc4/P3YCjYVS-_YBLXLf3i_6iH1tIcy4reJ0wCLcBGAs/s300-c/ 34 KB
34 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-XLrTyUpIaWI/XJE9VgDClNI/AAAAAAAAAc4/P3YCjYVS-_YBLXLf3i_6iH1tIcy4reJ0wCLcBGAs/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

75eb4c7ee95ae88e7de2a29fe8adf0934378b1bd6f4596d394c3c409289e0879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:10:26 GMT
x-content-type-options: nosniff
age: 380
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 34987
x-xss-protection: 1; mode=block
server: fife
etag: "v1ce"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 19:10:26 GMT

GET
H2 200 01%2BSober%2B%2528feat.%2BRae%2BSremmurd%2B%2526%2BStana.jpg
1.bp.blogspot.com/-TpvrQ5lHGcc/XJAM-M_BbwI/AAAAAAAAAdk/FPZjHo5Fkk4h1ZK41jes_FJHneir5TI8gCLcBGAs/s300-c/ 11 KB
11 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-TpvrQ5lHGcc/XJAM-M_BbwI/AAAAAAAAAdk/FPZjHo5Fkk4h1ZK41jes_FJHneir5TI8gCLcBGAs/s300-c/01%2BSober%2B%2528feat.%2BRae%2BSremmurd%2B%2526%2BStana.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

54a43c4c3c87d700747e591e3bce2ec67c9bed30764ff19bd5fb62acd96f00e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:13:51 GMT
x-content-type-options: nosniff
age: 175
status: 200
content-disposition: inline;filename="01 Sober (feat. Rae Sremmurd & Stana.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10953
x-xss-protection: 1; mode=block
server: fife
etag: "v1d9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 21:45:43 GMT

GET
H2 200 4.jpg
1.bp.blogspot.com/-uVSDrofafyU/XI_tAFr26sI/AAAAAAAAAck/eR84Fb-pmUo-Nhj4opPfyfZQ_q4AUDuRgCEwYBhgL/s300-c/ 43 KB
44 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-uVSDrofafyU/XI_tAFr26sI/AAAAAAAAAck/eR84Fb-pmUo-Nhj4opPfyfZQ_q4AUDuRgCEwYBhgL/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

494becc937f3e98c3de5df1f4f693d5edc9d77ac38608171e16eb180c1167a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:27:08 GMT
x-content-type-options: nosniff
age: 10178
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 44459
x-xss-protection: 1; mode=block
server: fife
etag: "v1c9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:12:57 GMT

GET
H2 200 4.jpg
1.bp.blogspot.com/-H4-wFXfnqQc/XI_pNr7rJ5I/AAAAAAAAAcI/jVQxdnq07Kw3JaHWDw30qmsnrH6Kf-5QgCLcBGAs/s300-c/ 41 KB
41 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-H4-wFXfnqQc/XI_pNr7rJ5I/AAAAAAAAAcI/jVQxdnq07Kw3JaHWDw30qmsnrH6Kf-5QgCLcBGAs/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ef2a2a8eaac8e13cd86da62eaad075df76f1f56baf9e29fa57ab815d92257394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 15:58:42 GMT
x-content-type-options: nosniff
age: 11884
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42181
x-xss-protection: 1; mode=block
server: fife
etag: "v1c3"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:02:15 GMT

GET
H2 200 4.jpg
1.bp.blogspot.com/-D7EwHUd55pk/XI_ps7NU2qI/AAAAAAAAAcQ/NBClKg4MNbUa5HmKiSeyJ_CfJNp-4SiKQCLcBGAs/s300-c/ 41 KB
42 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-D7EwHUd55pk/XI_ps7NU2qI/AAAAAAAAAcQ/NBClKg4MNbUa5HmKiSeyJ_CfJNp-4SiKQCLcBGAs/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

a22c538cafcf9490937689c55f40f26892939515c99dd25cfb33c0e04f748c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 15:58:42 GMT
x-content-type-options: nosniff
age: 11884
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42399
x-xss-protection: 1; mode=block
server: fife
etag: "v1c5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:02:15 GMT

GET
H2 200 4.jpg
1.bp.blogspot.com/-75jccxu8rhQ/XI_qBWZNpcI/AAAAAAAAAcY/pn5YqwytFrISTo-MB93agQIUFftzDdTtgCLcBGAs/s300-c/ 34 KB
34 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-75jccxu8rhQ/XI_qBWZNpcI/AAAAAAAAAcY/pn5YqwytFrISTo-MB93agQIUFftzDdTtgCLcBGAs/s300-c/4.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

ec497fbc62eb2beef18d04815a41343513806d866b6a351c213ebcf2d4fe55c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 15:58:42 GMT
x-content-type-options: nosniff
age: 11884
status: 200
content-disposition: inline;filename="4.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 34369
x-xss-protection: 1; mode=block
server: fife
etag: "v1c7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:02:15 GMT

GET
H2 200 300x300sr.jpg
is5-ssl.mzstatic.com/image/thumb/Music123/v4/3d/e7/d7/3de7d70f-79c4-8933-f0aa-2bddff635617/source/ 32 KB
32 KB 9ms
9ms Image
image/jpeg 2a02:26f0:64:5a7::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is5-ssl.mzstatic.com/image/thumb/Music123/v4/3d/e7/d7/3de7d70f-79c4-8933-f0aa-2bddff635617/source/300x300sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:5a7::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

6371e40771495e27a435f9a17e1bbc6b8181fd7d1298c870dd3a235102eae204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: A5LWTTL45T4BPI7FTXDLSZNF
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C37
status: 200
date: Tue, 19 Mar 2019 19:16:46 GMT
last-modified: Mon, 18 Mar 2019 18:44:00 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 32260
cache-control: no-transform, max-age=15090835
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"2tP6DRLuyLNGX5oTMEM33Q==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 075769cd-7cec-f817-a3e5-9dc6b965a5

GET
H2 200 Say%2BLess.jpg
4.bp.blogspot.com/-6X9OYMTz7f8/Wg5nFgDVYaI/AAAAAAAAAJ0/IMebkAcsVsUxqu0eqfrqjOs0q3PakEmMACK4BGAYYCw/s300-c/ 20 KB
21 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-6X9OYMTz7f8/Wg5nFgDVYaI/AAAAAAAAAJ0/IMebkAcsVsUxqu0eqfrqjOs0q3PakEmMACK4BGAYYCw/s300-c/Say%2BLess.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

e798f49c77aaba7132b330342adf1a35ff7dd952473ad329beba9a3d60962c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 15:42:19 GMT
x-content-type-options: nosniff
age: 12867
status: 200
content-disposition: inline;filename="Say Less.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 20910
x-xss-protection: 1; mode=block
server: fife
etag: "v9e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 18:55:56 GMT

GET
H2 200 / Show response
www.pluspremieres.ch/feeds/posts/default/-/Music%20Video/ 244 KB
49 KB 218ms
215ms XHR
application/json 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/-/Music%20Video/?start-index=1&max-results=40&orderby=published&alt=json

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef4cac106591d884953b17d04478eb863b4f6b94b233a768b0459c803f5360c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Music%20Video/?start-index=1&max-results=40&orderby=published&alt=json
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pluspremieres.ch
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.pluspremieres.ch/
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 19:08:56 GMT
server: cloudflare
etag: W/"af7ac4c1e503ad6cead7bb876810c1f73b2a7d02dc0cbc1537dd596e5f39a03b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c85dbb446505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:47 GMT

GET
H2 200 Sof%25C3%25ADa%2BReyes%2B-%2B.jpg
2.bp.blogspot.com/-bbAviShHjiU/XIw86J9DYDI/AAAAAAAAAcg/A_UiGozb4NcBarp-ZdgF8Z_qNkuVd7FuACLcBGAs/w400-h225-c/ 35 KB
35 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-bbAviShHjiU/XIw86J9DYDI/AAAAAAAAAcg/A_UiGozb4NcBarp-ZdgF8Z_qNkuVd7FuACLcBGAs/w400-h225-c/Sof%25C3%25ADa%2BReyes%2B-%2B.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

1d0591172dcd892d204e6fbb0f35ab060c2c2d6628a0f33b5f36975c6079ccb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:31:24 GMT
x-content-type-options: nosniff
age: 9922
status: 200
content-disposition: inline;filename="Sof_a Reyes - .jpg";filename*=UTF-8''Sof%C3%ADa%20Reyes%20-%20.jpg
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35349
x-xss-protection: 1; mode=block
server: fife
etag: "v1c9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 19:49:29 GMT

GET
H2 200 Julia%2BMichaels%2B-%2B.jpg
1.bp.blogspot.com/-MJuxHUzyYCM/XIw8Je2B_GI/AAAAAAAAAcY/JDeSXzMNCx4RNJTVTUr54RQJSHVg2k0eACLcBGAs/w400-h225-c/ 32 KB
32 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-MJuxHUzyYCM/XIw8Je2B_GI/AAAAAAAAAcY/JDeSXzMNCx4RNJTVTUr54RQJSHVg2k0eACLcBGAs/w400-h225-c/Julia%2BMichaels%2B-%2B.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

cacd8e4e72416d39edc5f812f9b2a4ae4f5c4a26eaaeeedd8e364126556f2bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 18:54:38 GMT
x-content-type-options: nosniff
age: 1328
status: 200
content-disposition: inline;filename="Julia Michaels - .jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 32711
x-xss-protection: 1; mode=block
server: fife
etag: "v1c7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 14:41:31 GMT

GET
H2 200 benny%2Bblanco%252C%2BTainy%252C%2BSelena%2BGomez%2B%2526%2BJ%2BBalvin%2B-%2B.jpg
2.bp.blogspot.com/-vFlgIEyPawc/XIw6jkHj6II/AAAAAAAAAcM/_zvLtZ5ZjX4KZHmjFt7-o47bhv7EtwVAACLcBGAs/w400-h225-c/ 15 KB
15 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-vFlgIEyPawc/XIw6jkHj6II/AAAAAAAAAcM/_zvLtZ5ZjX4KZHmjFt7-o47bhv7EtwVAACLcBGAs/w400-h225-c/benny%2Bblanco%252C%2BTainy%252C%2BSelena%2BGomez%2B%2526%2BJ%2BBalvin%2B-%2B.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

c62de18fac9ecbc24f12038f397458de2cffc21519b2187d43adc5973fc4533e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:08:44 GMT
x-content-type-options: nosniff
age: 11282
status: 200
content-disposition: inline;filename="benny blanco, Tainy, Selena Gomez & J Balvin - .jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 15670
x-xss-protection: 1; mode=block
server: fife
etag: "v1c4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 16:08:44 GMT

GET
H2 200 400x225sr.jpg
is3-ssl.mzstatic.com/image/thumb/Video114/v4/47/8b/25/478b25b4-6787-45d5-54e7-f58cd81c71da/source/ 10 KB
10 KB 9ms
7ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Video114/v4/47/8b/25/478b25b4-6787-45d5-54e7-f58cd81c71da/source/400x225sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

1bb228dbc400599f44061b031aaf653671bb60e0cc8609b48aa3f4d10f14f9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: VLKYLHMZIWP2IBFDZLMMT2EG
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C32
status: 200
date: Tue, 19 Mar 2019 19:16:46 GMT
last-modified: Thu, 14 Mar 2019 14:33:59 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 10033
cache-control: no-transform, max-age=16420795
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"6XVtlv9fAlLkPIQMuRTymQ==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: aad5859d-9945-9fa4-04a3-cad8c9e886

GET
H2 200 download.jpg
1.bp.blogspot.com/-XQhNFE-MEXs/XImAZxYH9_I/AAAAAAAAAaE/3k0wpZaO-fY1Dtu75yBMO6-0KZxdXz4XQCLcBGAs/w400-h225-c/ 29 KB
29 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-XQhNFE-MEXs/XImAZxYH9_I/AAAAAAAAAaE/3k0wpZaO-fY1Dtu75yBMO6-0KZxdXz4XQCLcBGAs/w400-h225-c/download.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

c20164627645916e7eba943b7331e1bb17740beef5a3ce8595d929e256c8ceab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 18:54:38 GMT
x-content-type-options: nosniff
age: 1328
status: 200
content-disposition: inline;filename="download.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 29324
x-xss-protection: 1; mode=block
server: fife
etag: "v1a2"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 14:41:31 GMT

GET
H2 200 400x225sr.jpg
is3-ssl.mzstatic.com/image/thumb/Video124/v4/ec/82/b4/ec82b463-4614-185b-b9d8-7dc5465ebfe8/source/ 19 KB
20 KB 9ms
8ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is3-ssl.mzstatic.com/image/thumb/Video124/v4/ec/82/b4/ec82b463-4614-185b-b9d8-7dc5465ebfe8/source/400x225sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

871ed0c82f4e550f206f4e0dcb309d6da8ee57e3a737c842a2c8c51e3ddea034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: MNXBQCQXEWQWF6NOXQS76ON7
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C32
status: 200
date: Tue, 19 Mar 2019 19:16:46 GMT
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 19480
cache-control: no-transform, max-age=14132744
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"jZb8ZsEwukGICST83Hg/dQ==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 636e180a-1725-a162-f9ae-bc25ff39bf

GET
H2 200 / Show response
www.pluspremieres.ch/feeds/posts/default/-/Re-Uploads/ 240 KB
48 KB 184ms
183ms XHR
application/json 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/-/Re-Uploads/?start-index=1&max-results=40&orderby=published&alt=json

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b1db424b9255c7eb1b3d8636cac300d1f5e58014a631c067d012ade7c40bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/-/Re-Uploads/?start-index=1&max-results=40&orderby=published&alt=json
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pluspremieres.ch
x-requested-with: XMLHttpRequest
:scheme: https
referer: https://www.pluspremieres.ch/
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:46 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 19:08:56 GMT
server: cloudflare
etag: W/"0d35b8e69d3eef1e0db4c70b155dd555d5121821796837ab484b34e5241a277f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c85fde256505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:47 GMT

GET
H2 200 Daylyt%2B-%2BThe%2BEnd%2Bof%2BMy%2B2018.jpg
3.bp.blogspot.com/-f1c9-O37x20/XI8CekxLz5I/AAAAAAAAAdY/In4LxQFvVBQMDCB2rYVcBLNaGswWoT1KQCLcBGAs/s300-c/ 18 KB
18 KB 9ms
5ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-f1c9-O37x20/XI8CekxLz5I/AAAAAAAAAdY/In4LxQFvVBQMDCB2rYVcBLNaGswWoT1KQCLcBGAs/s300-c/Daylyt%2B-%2BThe%2BEnd%2Bof%2BMy%2B2018.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

127b93e99862db3608584b1045e8672187331708838292454320f308987d9ad4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:49:06 GMT
x-content-type-options: nosniff
age: 8860
status: 200
content-disposition: inline;filename="Daylyt - The End of My 2018.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 18623
x-xss-protection: 1; mode=block
server: fife
etag: "v1d7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 19 Mar 2019 02:55:59 GMT

GET
H2 200 Marr%2BGrey%2B-%2BRider.jpg
4.bp.blogspot.com/-d2X3tSnth14/XI7fC_DXX5I/AAAAAAAAAdM/DMDHCOx7oYATeIhB_pA_7Mrb16Rtd6LdwCLcBGAs/s300-c/ 20 KB
20 KB 9ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-d2X3tSnth14/XI7fC_DXX5I/AAAAAAAAAdM/DMDHCOx7oYATeIhB_pA_7Mrb16Rtd6LdwCLcBGAs/s300-c/Marr%2BGrey%2B-%2BRider.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

a70c4470df28a5dbf3d51a212d1d12433b7583fd2b3b6502ce714c6726cfc012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:06:44 GMT
x-content-type-options: nosniff
age: 602
status: 200
content-disposition: inline;filename="Marr Grey - Rider.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 20030
x-xss-protection: 1; mode=block
server: fife
etag: "v1d4"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 10:54:31 GMT

GET
H2 200 300x300sr.jpg
is2-ssl.mzstatic.com/image/thumb/Music/v4/87/4e/7c/874e7c1c-8670-84d7-9412-cf4c902212ee/source/ 26 KB
27 KB 23ms
20ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Music/v4/87/4e/7c/874e7c1c-8670-84d7-9412-cf4c902212ee/source/300x300sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

c4e2af094917c2b1b85d3679f2ae7ca7ed50f4427cf320ad3dd731807e24dcf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: NWIF4MKBG5HV2KKY77HW3BGM
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C37
status: 200
date: Tue, 19 Mar 2019 19:16:46 GMT
last-modified: Tue, 01 Jan 1980 00:00:00 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 27080
cache-control: no-transform, max-age=15748459
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"ZX8SejojuLPb49EVO4yKEg==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 6d905e31-4137-4f5d-2958-ffcf6d84cc

GET
H2 200 300x300sr.jpg
is1-ssl.mzstatic.com/image/thumb/Music5/v4/eb/97/e2/eb97e24c-54a1-6550-3363-3a105ae5742f/source/ 18 KB
18 KB 15ms
12ms Image
image/jpeg 2a02:26f0:64:5a1::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is1-ssl.mzstatic.com/image/thumb/Music5/v4/eb/97/e2/eb97e24c-54a1-6550-3363-3a105ae5742f/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:5a1::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: e16c24eae8d77d18cfc23b569a1b1b4aed66af1df932d8649e30f1c1cd9bde54

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: BFGVRNL2ELKNYU4XHT3PC33NQI
date: Tue, 19 Mar 2019 19:16:46 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"e1HFdAXT0ITCzZ8WOp7zsw==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 094d58b5-7a22-d4dc-5397-3cf6f16f6d82
last-modified: Sun, 17 Mar 2019 00:15:05 GMT
content-length: 18272
cache-control: no-transform, max-age=14564405

GET
H2 200 300x300sr.jpg
is4-ssl.mzstatic.com/image/thumb/Music/v4/90/c5/72/90c572d7-3bad-d2f1-b4eb-e4ff5c13b3f5/source/ 12 KB
12 KB 82ms
13ms Image
image/jpeg 2a02:26f0:64:595::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is4-ssl.mzstatic.com/image/thumb/Music/v4/90/c5/72/90c572d7-3bad-d2f1-b4eb-e4ff5c13b3f5/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:595::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: dd37032266d875714bc2ea4ce6181c64377d139d7dd4564b7bc7426c95179066

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: INTUNTFF24LQ54JIWVLI5AT2A4
date: Tue, 19 Mar 2019 19:16:47 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"KxisamrSH87GE41uEbssXA==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 436746cc-a5d7-170e-f128-b5568e827a07
last-modified: Sun, 17 Mar 2019 00:05:07 GMT
content-length: 11925
cache-control: no-transform, max-age=14492641

GET
H2 200 300x300sr.jpg
is2-ssl.mzstatic.com/image/thumb/Music/v4/eb/83/74/eb837489-ffbe-7799-8ad2-8906b88a0622/source/ 22 KB
22 KB 15ms
12ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Music/v4/eb/83/74/eb837489-ffbe-7799-8ad2-8906b88a0622/source/300x300sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

5022e62371fa00943cc7a184921d8f3bd6d0de16d0369182399c535dc92e7e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: V55ABU7LXJNUMIP4YYGTFNWT
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C37
status: 200
date: Tue, 19 Mar 2019 19:16:46 GMT
last-modified: Sun, 17 Mar 2019 00:04:36 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 22420
cache-control: no-transform, max-age=16433987
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"9tMVE1aDvutBSKrR62DsjQ==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: af7a00d3-ebba-5b46-21fc-c60d32b6d3

GET
H2 200 300x300sr.jpg
is2-ssl.mzstatic.com/image/thumb/Music62/v4/c0/52/3f/c0523f51-0efc-f67d-fe75-8de581bc4dd5/source/ 16 KB
16 KB 15ms
13ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is2-ssl.mzstatic.com/image/thumb/Music62/v4/c0/52/3f/c0523f51-0efc-f67d-fe75-8de581bc4dd5/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: ef3f9b6aa52a911cde65d93f00f1811049e8ca7bc01e5e99a8f3f4d17c1c8bf1

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: USP6K26XJ2P7BIVVGJ6C7ZMVPY
date: Tue, 19 Mar 2019 19:16:46 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"S8AUw3a9+G2LI7DJsjk5RA==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: a49fe56b-d74e-9ff0-a2b5-327c2fe5957e
last-modified: Sun, 17 Mar 2019 00:02:26 GMT
content-length: 16085
cache-control: no-transform, max-age=16628718

GET
H2 200 300x300sr.jpg
is2-ssl.mzstatic.com/image/thumb/Music/v4/24/e5/13/24e513d0-2aeb-4603-9e80-3a326a57776a/source/ 14 KB
14 KB 22ms
20ms Image
image/jpeg 2a02:26f0:64:596::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://is2-ssl.mzstatic.com/image/thumb/Music/v4/24/e5/13/24e513d0-2aeb-4603-9e80-3a326a57776a/source/300x300sr.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:596::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

daiquiri/3.0.0 /

Resource Hash

b7696a5ed68d182dd519f5a7aafe54ae14318769855fb363581ebeb39a4d4de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: RVEPX77OUPH7SY2XA4R6J6E6
strict-transport-security: max-age=31536000; includeSubDomains
x-daiquiri-instance: daiquiri:35887001:pv50p00it-hyhk12043701:7987:19C37
status: 200
date: Tue, 19 Mar 2019 19:16:46 GMT
last-modified: Sun, 17 Mar 2019 00:00:34 GMT
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-length: 14040
cache-control: no-transform, max-age=15316804
apple-tk: false
server: daiquiri/3.0.0
apple-seq: 0.0
etag: "\"cfMuBgfhY1UE2OlDk3gghQ==\""
apple-originating-system: AIImageService
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 8d48fbff-eea3-cff9-6357-0723e4f89e

GET
H2 200 300x300sr.jpg
is4-ssl.mzstatic.com/image/thumb/Music/v4/5f/f1/3f/5ff13f0b-3f1f-0270-e152-46fa16968dae/source/ 21 KB
22 KB 79ms
11ms Image
image/jpeg 2a02:26f0:64:595::2a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://is4-ssl.mzstatic.com/image/thumb/Music/v4/5f/f1/3f/5ff13f0b-3f1f-0270-e152-46fa16968dae/source/300x300sr.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:64:595::2a1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 42058b83339f1e7e2d4e28460c522b409b699a622fe1af2c4060ecc2e52f4028

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-apple-jingle-correlation-key: BXAFBXIECPDLBB6VPDSYQCHRVU
date: Tue, 19 Mar 2019 19:16:47 GMT
apple-tk: false
apple-seq: 0
access-control-allow-origin: *
etag: "\"Sou4gO+DjvAFvTeNft0Kzw==\""
apple-originating-system: AIImageService
x-cache: TCP_HIT from a2-20-132-20.deploy.akamaitechnologies.com (AkamaiGHost/9.6.0-24900238) (-)
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid: 0dc050dd-0413-c6b0-87d5-78e58808f1ad
last-modified: Sun, 17 Mar 2019 00:00:10 GMT
content-length: 21857
cache-control: no-transform, max-age=14722081

GET
H/1.1 200
OK clean.svg
host.pluspremieres.us/files/ 744 B
1021 B 186ms
185ms Image
image/svg+xml 199.192.25.127
Namecheap

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://host.pluspremieres.us/files/clean.svg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.192.25.127 New York, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 63f8bee273d293a685bc634099e7547302784a62296ef170905c88b1cd4b0772

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:47 GMT
Last-Modified: Mon, 14 May 2018 23:02:25 GMT
Server: Apache
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 744

GET /
www5.cbox.ws/box/ Frame C49E 0
0

GET
H2 200 /
www5.cbox.ws/box/ Frame F30F 0
0 60ms
16ms Document
text/html 144.76.209.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=518294&boxtag=m3ww8d
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.209.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: four.cbox.ws
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: www5.cbox.ws
:scheme: https
:path: /box/?boxid=518294&boxtag=m3ww8d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.pluspremieres.ch/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/

Response headers

status: 200
server: nginx
date: Tue, 19 Mar 2019 19:16:47 GMT
content-type: text/html
p3p: CP="NOI DSP COR NID CURa OUR NOR"
expires: Wed, 17 Nov 2004 05:00:00 GMT
cache-control: private, must-revalidate, max-age=20
last-modified: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: gzip

GET
H/1.1 200
OK follow_button.fd774b599f565016d763dd860cb31c79.en.html
platform.twitter.com/widgets/ Frame 0E98 0
0 13ms
9ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.fd774b599f565016d763dd860cb31c79.en.html
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AB) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.pluspremieres.ch/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315569260
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Mar 2019 19:16:47 GMT
Etag: "0a07a0bca349443c50e7e63a392e26cb+gzip"
Last-Modified: Thu, 07 Apr 2016 17:46:04 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AB)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 13614

GET
H2 200 like.php
www.facebook.com/plugins/ Frame 4AD5 0
0 83ms
82ms Document
text/html 2a03:2880:f107:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/PlusPremieres&show_faces=false&layout=button_count

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https://www.facebook.com/PlusPremieres&show_faces=false&layout=button_count
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.pluspremieres.ch/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expect-ct: max-age=86400, report-uri="https://reports.fb.com/expectct/"
content-type: text/html; charset="utf-8"
x-fb-debug: k8Lp21HbbPiZoZSjFgGNeWjU16PzDX1Qj7w4mQqcEA800dBix7ZZe8+69IZqiRzNvAahkN0TZOXZGJaHNRBLtA==
date: Tue, 19 Mar 2019 19:16:47 GMT

GET
H/1.1 200
OK time.php Show response
host.pluspremieres.us/files/ 27 B
266 B 855ms
219ms XHR
text/html 199.192.25.127
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://host.pluspremieres.us/files/time.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.192.25.127 New York, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: f1ebeb0dc171b344a46faf763ce2b3d425dfe22831ebdb3cd7f421993071948b

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Mar 2019 19:16:48 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK myriad-set-pro_text.ttf
host.pluspremieres.us/files/ 236 KB
237 KB 677ms
179ms Font
font/ttf 199.192.25.127
Namecheap

General

Check archive.org

Show headers Download Go to

Full URL: https://host.pluspremieres.us/files/myriad-set-pro_text.ttf
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.192.25.127 New York, United States, ASN22612 (NAMECHEAP-NET - Namecheap, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 65e419e8a290281f0b4cc3e5c158d2b2e4607f36c7f58b7044024ca36bb23242

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch

Response headers

Date: Tue, 19 Mar 2019 19:16:47 GMT
Last-Modified: Mon, 14 May 2018 23:02:30 GMT
Server: Apache
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 242060

GET
H2 200 4%25281%2529.jpg
1.bp.blogspot.com/-ADeyCuMNJiE/XInTPJTuW7I/AAAAAAAAAac/Rn0o0NQ_VAMnpA3RdMD9tXbVjNMTj_U8wCLcBGAs/s80/ 2 KB
2 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ADeyCuMNJiE/XInTPJTuW7I/AAAAAAAAAac/Rn0o0NQ_VAMnpA3RdMD9tXbVjNMTj_U8wCLcBGAs/s80/4%25281%2529.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

78a1e7a3a1c81bfc10139570c344962793cf333af955ee06181d2d39a6709451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:49:07 GMT
x-content-type-options: nosniff
age: 8860
status: 200
content-disposition: inline;filename="4(1).jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2195
x-xss-protection: 1; mode=block
server: fife
etag: "v1a8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 08:23:00 GMT

GET
H2 200 1163059035706876965 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 204ms
203ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/1163059035706876965?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8116dc0be6d3934620bcdf3270de6b37e2e6bba229e7896cdb28ac80c00704e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/1163059035706876965?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 17:22:18 GMT
server: cloudflare
etag: W/"80a6177d3279ad1e1a59f30f1d1bb6d7a83255dca4c6651b94bdff994769f5b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8648c6d6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 2568685104273995263 Show response
www.pluspremieres.ch/feeds/posts/default/ 4 KB
2 KB 209ms
208ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/2568685104273995263?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4f985119be2c9729b139fcf3aa07d80607e79922b1fc731355145cbd888ec20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/2568685104273995263?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 22:56:18 GMT
server: cloudflare
etag: W/"220e007dc06468afa6808e93302527ccc9a070fe24bb9f6987ae798acb0b30b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8648c6e6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 2157205540452343200 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 199ms
197ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/2157205540452343200?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

f325b19690fea4c752eef3aa7fcdf5a8a28439de01e29640a71af03e72d2ea84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/2157205540452343200?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2019 14:25:32 GMT
server: cloudflare
etag: W/"9dea2962f18523113e75367f93a9635aaca4cc649dbbd85730e0c005b5ced199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8649c736505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 1318179168101059983 Show response
www.pluspremieres.ch/feeds/posts/default/ 4 KB
2 KB 205ms
204ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/1318179168101059983?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

19191cfd350580341f90062ca3328621c00a65391b8600c9102c784b1b54360e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/1318179168101059983?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 17:38:22 GMT
server: cloudflare
etag: W/"d0553a615f63e39cd2cc7f752848c7ef16665b030ddd6d29d5712dff45d9b9d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8649c746505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 zZS4klY.jpg
i.imgur.com/ 5 KB
5 KB 75ms
75ms Image
image/jpeg 151.101.120.193
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.imgur.com/zZS4klY.jpg
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.193 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: cat factory 1.0 /
Resource Hash: 97d99e04ff8ca9ee3d2831e7a5b92465ac58a908237208af7e4716fbe6bffd8a

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
age: 30202745
x-cache: HIT, HIT
status: 200
content-length: 5217
x-served-by: cache-iad2150-IAD, cache-cdg20778-CDG
last-modified: Wed, 18 Mar 2015 21:56:42 GMT
server: cat factory 1.0
x-timer: S1553023007.463910,VS0,VE1
etag: "bfa7102a8062aa4c84c8f4bfccce7562"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 1620452767966369471 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 304ms
249ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/1620452767966369471?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d2a76cd3cf60a6ee8940913c44befda0930f9f2645084c5e3078e7a0c2a4494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/1620452767966369471?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 15 Mar 2019 04:50:07 GMT
server: cloudflare
etag: W/"208426ae485771970059b91c1daae02161ec663d439c39cd457c5ac3d6a5fe0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8650cfb6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 8543100088755014328 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 295ms
241ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/8543100088755014328?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3f49cfabebb9462e08ebaf0af5f078392ea48152f6b4a3667a5c6c8b025eda4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/8543100088755014328?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 14 Mar 2019 17:36:07 GMT
server: cloudflare
etag: W/"1eaecf2ff6eddaf09a9ab9c39d53e40b7b4639324d90a22b5006c62413bc3236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8651d046505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 9A20 0
0 47ms
9ms Document
text/html 2a03:2880:f007:8:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=dbeb858be0d0de85c6cd8196657d71ee&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.pluspremieres.ch/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Tue, 17 Mar 2020 16:18:22 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: 6Olh5BabMq/2llpiaHzsVdaiWJ02Ir3LRlQs0kEwJxhvSs3roxBXcvOQWboy8oPblbbr32WxFj7Sl5ummREjlg==
content-length: 10985
date: Tue, 19 Mar 2019 19:16:47 GMT

GET
H/1.1

302
Found

1 Show response
mc.yandex.ru/watch/52686883/
Redirect Chain

https://mc.yandex.ru/watch/52686883?wmode=7&page-url=https%3A%2F%2Fwww.pluspremieres.ch%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553023003840%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3...
https://mc.yandex.ru/watch/52686883/1?wmode=7&page-url=https%3A%2F%2Fwww.pluspremieres.ch%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553023003840%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101...

0
-1 B

17ms
17ms

XHR

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52686883/1?wmode=7&page-url=https%3A%2F%2Fwww.pluspremieres.ch%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553023003840%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190319191647%3Aet%3A1553023008%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A786745898%3Ahid%3A68218608%3Ads%3A0%2C0%2C179%2C126%2C114%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1069%3Agdpr%3A14%3Av%3A1500%3Awv%3A2%3Ast%3A1553023008%3Au%3A1553023008152183709%3At%3APlus%20Premieres%20%7C%20New%20music%20every%20Thursday%20%E2%80%A2%2010AM%20%E2%80%93%20Midnight%20EST

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2019 19:16:47 GMT
Last-Modified: Tue, 19-Mar-2019 19:16:47 GMT
Server: nginx/1.12.2
Location: /watch/52686883/1?wmode=7&page-url=https%3A%2F%2Fwww.pluspremieres.ch%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553023003840%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190319191647%3Aet%3A1553023008%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A786745898%3Ahid%3A68218608%3Ads%3A0%2C0%2C179%2C126%2C114%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1069%3Agdpr%3A14%3Av%3A1500%3Awv%3A2%3Ast%3A1553023008%3Au%3A1553023008152183709%3At%3APlus%20Premieres%20%7C%20New%20music%20every%20Thursday%20%E2%80%A2%2010AM%20%E2%80%93%20Midnight%20EST
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Origin: https://www.pluspremieres.ch
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Tue, 19-Mar-2019 19:16:47 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Mar 2019 19:16:47 GMT
Last-Modified: Tue, 19-Mar-2019 19:16:47 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: https://www.pluspremieres.ch
Strict-Transport-Security: max-age=31536000
Location: /watch/52686883/1?wmode=7&page-url=https%3A%2F%2Fwww.pluspremieres.ch%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1553023003840%3As%3A1600x1200x24%3Ask%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Ai%3A20190319191647%3Aet%3A1553023008%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A786745898%3Ahid%3A68218608%3Ads%3A0%2C0%2C179%2C126%2C114%2C0%2C0%2C%2C%2C%2C%2C%2C%3Afp%3A1069%3Agdpr%3A14%3Av%3A1500%3Awv%3A2%3Ast%3A1553023008%3Au%3A1553023008152183709%3At%3APlus%20Premieres%20%7C%20New%20music%20every%20Thursday%20%E2%80%A2%2010AM%20%E2%80%93%20Midnight%20EST
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Tue, 19-Mar-2019 19:16:47 GMT

GET
H2 200 FATHER%2BOF%2B4%2B1.jpg
2.bp.blogspot.com/-n3KnbPiL0Mc/XG-bMqoeQZI/AAAAAAAAAEk/2NxV8w_YWNAUP5ysbCxEXgSKUpvJPa4YwCK4BGAYYCw/s80/ 4 KB
4 KB 10ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-n3KnbPiL0Mc/XG-bMqoeQZI/AAAAAAAAAEk/2NxV8w_YWNAUP5ysbCxEXgSKUpvJPa4YwCK4BGAYYCw/s80/FATHER%2BOF%2B4%2B1.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

292762208010c6258db612556e8c5e9fdfd40f7d57cce8fb9f83854bfa3ff5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:34:00 GMT
x-content-type-options: nosniff
age: 9767
status: 200
content-disposition: inline;filename="FATHER OF 4 1.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4373
x-xss-protection: 1; mode=block
server: fife
etag: "v4a"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 16:34:00 GMT

GET
H2 200 3592861395601389736 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 189ms
187ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/3592861395601389736?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

95cca80935e8ab3229cf1df03eb77ce29238911e8f708d129acf51e442793308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/3592861395601389736?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 28 Feb 2019 17:15:47 GMT
server: cloudflare
etag: W/"40cbfb9861169d8fdebb8c79fcf6cef92097b3ef34f57730a6ad19bc2297455e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8660e306505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 2427769028440935006 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 186ms
185ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/2427769028440935006?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cec149c5d30ed7839696f0191cf5e6fc78b96673612ef4de4ed1fe459644deb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/2427769028440935006?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 01 Mar 2019 20:15:55 GMT
server: cloudflare
etag: W/"8d2cab28851784ba55e6239cf28b4081bef052b8c533a4b269007aedf9162d4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8660e316505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 7430879737206186987 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 172ms
158ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/7430879737206186987?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

07962a325041c358cd1c26eb1e602fa664aac7c496c9f20f03070cd147f472f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/7430879737206186987?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 04 Mar 2019 10:58:25 GMT
server: cloudflare
etag: W/"52ccd825733197b431dfc0fd7af7f898ac2609c8827fc0f91d81518d852e4bbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8663e656505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 4299508000583782115 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 163ms
161ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/4299508000583782115?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c3c23dfaa14b5b2ffe097ae827a6d832ec04b8f1b54d7942c74a41dea6438f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/4299508000583782115?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 22 Feb 2019 05:46:44 GMT
server: cloudflare
etag: W/"c33c70f467c9af5815a19c9cc36c818b7ac7e079fd1fb93e181c6e9ba745cd38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c8663e676505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 4226120647049274816 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 182ms
181ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/4226120647049274816?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

90f10b5236f465257317834a95e94e0fbdccb9d5f4c433d37d2c97d9bffec96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/4226120647049274816?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 21 Feb 2019 17:40:15 GMT
server: cloudflare
etag: W/"e32b30b5520c565b8e403f0e5f0ee77575c7c0c01c8a6311e0f1d1ac120eda44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c866bf346505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 1797833216408208779 Show response
www.pluspremieres.ch/feeds/posts/default/ 4 KB
1 KB 181ms
180ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/1797833216408208779?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d3adaefc6eedd7208846595138214ec35159fd4a566bc1e960ff6ab68092526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/1797833216408208779?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 21 Feb 2019 18:25:34 GMT
server: cloudflare
etag: W/"50466ef9125a81b84de8450203767396e768ddb7075aef217aca210d1aee9fbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c866bf356505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 3461187113091553289 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 175ms
171ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/3461187113091553289?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

013e3aa2efe94e14a8a4feeb4f890ba3d04bba060828198313b28c52180fa7e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/3461187113091553289?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2019 14:25:30 GMT
server: cloudflare
etag: W/"2c4aeb25fdebee6c4ec272eaa15af5bebdf5f08d5bdd7cd39ab6b0fd54c022e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c867383d6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 5687571281042318691 Show response
www.pluspremieres.ch/feeds/posts/default/ 4 KB
1 KB 176ms
173ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/5687571281042318691?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6019882b556e458001e861329dac6e25ea59de66f59e50fad239f0a6cc09da38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/5687571281042318691?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 01 Mar 2019 20:15:56 GMT
server: cloudflare
etag: W/"9059bf26c51ce8c8cf417bab41c9111959f9ea71b34895dbdd859e38dc11cb33"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c867383e6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H/1.1 200
OK 1 Show response
mc.yandex.ru/watch/52686883/ 133 B
689 B 67ms
43ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

735e084216a7bc246b6e734b9fcbe577edfa4dfbbc075486e2110dd123cb2920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2019 19:16:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19-Mar-2019 19:16:47 GMT
Server: nginx/1.12.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.pluspremieres.ch
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 133
X-XSS-Protection: 1; mode=block
Expires: Tue, 19-Mar-2019 19:16:47 GMT

GET
H2 200 Scorpion.jpg
3.bp.blogspot.com/-gPajk8lIMKI/WzWyVT8KSBI/AAAAAAAAAAc/obuvcMkQGhUvaCb8K5d-9nL2z_QkRR_9wCK4BGAYYCw/s80/ 2 KB
2 KB 29ms
10ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-gPajk8lIMKI/WzWyVT8KSBI/AAAAAAAAAAc/obuvcMkQGhUvaCb8K5d-9nL2z_QkRR_9wCK4BGAYYCw/s80/Scorpion.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

fife /

Resource Hash

8e39d480dce4b8cb98f7a7f679df3f4d4383a234d379834d58ecc89ac9ff01b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 16:26:59 GMT
x-content-type-options: nosniff
age: 10188
status: 200
content-disposition: inline;filename="Scorpion.jpg"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2099
x-xss-protection: 1; mode=block
server: fife
etag: "v9"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 20 Mar 2019 12:16:42 GMT

GET
H2 200 907935939113653872 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 175ms
174ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/907935939113653872?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

06ae3dad0d03f28702f4618fa23e42ceb785a534f45dd138cd8f13639b1efa21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/907935939113653872?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jan 2019 23:49:13 GMT
server: cloudflare
etag: W/"90db44f068a9342298240887953000f8c324a42296ffe255bea37eca3456fa0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c86738406505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 4532736959641110811 Show response
www.pluspremieres.ch/feeds/posts/default/ 4 KB
2 KB 173ms
173ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/4532736959641110811?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

27b81050a0f9e38e48b72699b441e83173df95b8d733cbf2aba60006421d668e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/4532736959641110811?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jan 2019 23:49:12 GMT
server: cloudflare
etag: W/"bbe4d97444315b4b3cbafcbc44ed26739fb694a3e2e442ba1a4886001240a137"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c86738416505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:48 GMT

GET
H2 200 4262644168369807606 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 187ms
179ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/4262644168369807606?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

851a559cf2bddeaceb6bb0b4b935c082eebc1a91ec738fa7ffd0b11313f2e321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/4262644168369807606?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008; _ym_visorc_52686883=w
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jan 2019 23:49:12 GMT
server: cloudflare
etag: W/"75b953a5fee870312eabb30565ba76a6796ab6b8b0de24c29f75339e2ac5969d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c867e91a6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:49 GMT

GET
H2 200 2623632259106396559 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 186ms
178ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/2623632259106396559?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb1acd981299688eee42df64599a5a70eeec536996ee2e4aa2c7c36a55f1e3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/2623632259106396559?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008; _ym_visorc_52686883=w
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jan 2019 23:49:12 GMT
server: cloudflare
etag: W/"18409b1a7b56c8a5324146657a84e2ab02dc99e066042f5b8f51ae0d3da18fa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c867e91c6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:49 GMT

GET
H2 200 6631926704137977094 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 271ms
269ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/6631926704137977094?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

280c10f011ddc1d80b9580e71f19b612c2e45174991946df109cb1120547c6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/6631926704137977094?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008; _ym_visorc_52686883=w; _ym_isad=2
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jan 2019 23:49:48 GMT
server: cloudflare
etag: W/"f6a98ea77b0311eebf5999bc46c758f0f66fd2af80bdd91ddc9aac92364b426b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c86859cc6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:49 GMT

GET
H2 200 3667970835442699330 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 184ms
182ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/3667970835442699330?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5e738f2910f19ba4d12a117460379faa49f66661dd5ea7d66347dc21a14ef9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/3667970835442699330?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008; _ym_visorc_52686883=w; _ym_isad=2
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jan 2019 23:49:12 GMT
server: cloudflare
etag: W/"d78d766f742278cecb21bc4b7d8b9ca7209a91833d3407bbe2185d42aaa57c72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c86859cd6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:49 GMT

GET
H2 200 210451288589772903 Show response
www.pluspremieres.ch/feeds/posts/default/ 4 KB
1 KB 184ms
182ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/210451288589772903?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

52605b97aa8b049c4f6f2c02f4488356048e07e9ddd70442b14e040e9ad39dfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/210451288589772903?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008; _ym_visorc_52686883=w; _ym_isad=2
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 11 Jan 2019 23:49:12 GMT
server: cloudflare
etag: W/"9bac5d0f3532f924a1c3eb64e293a4539a717c848da5e3d2b685ea5b045eb6eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c86859ce6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:49 GMT

GET
H2 200 1385935823839011842 Show response
www.pluspremieres.ch/feeds/posts/default/ 4 KB
1 KB 179ms
178ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/1385935823839011842?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

53ee4ae2a0102c1413a89075ca10d5652511ebda7b57920e9d34dbdd6a958841

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/1385935823839011842?alt=json-in-script&callback=getIcons
pragma: no-cache
cookie: _ga=GA1.2.1225878782.1553023006; _gid=GA1.2.1344836576.1553023006; _gat_gtag_UA_48007615_1=1; __cfduid=d1dedf58d71e9b205e3546dd85e01dca21553023005; _ym_uid=1553023008152183709; _ym_d=1553023008; _ym_visorc_52686883=w; _ym_isad=2
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 05 Jul 2018 11:04:55 GMT
server: cloudflare
etag: W/"e8a3d33500b38880f7f903b5ce1fea10a9b4f685c3888880d2020695a70cee79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cf-ray: 4ba1c86859cf6505-FRA
vary: Accept-Encoding
x-xss-protection: 0
expires: Tue, 19 Mar 2019 19:16:49 GMT

GET
H2 200 1093284788269926502 Show response
www.pluspremieres.ch/feeds/posts/default/ 3 KB
1 KB 172ms
172ms Script
text/javascript 2606:4700:30::681f:5f35
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pluspremieres.ch/feeds/posts/default/1093284788269926502?alt=json-in-script&callback=getIcons

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681f:5f35 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

79919194d48ba632efa034a4dee4c8247597b69dc23f6e6dc037f527d2865ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: /feeds/posts/default/1093284788269926502?alt=json-in-script&callback=getIcons
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.pluspremieres.ch
referer: https://www.pluspremieres.ch/
:scheme: https
:method: GET
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: br
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
last-modified: Thu, 14 Mar 2019 17:36:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"852265b23b41da5df16b1836a9c1a028691e5ab1e187f1d8870147321005a7a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
set-cookie: __cfduid=d7cb28e9c06cbfdf1193db7c6e2a712101553023008; expires=Wed, 18-Mar-20 19:16:48 GMT; path=/; domain=.pluspremieres.ch; HttpOnly
cf-ray: 4ba1c8690a926505-FRA
expires: Tue, 19 Mar 2019 19:16:49 GMT

GET
H/1.1 200
OK usa.png
www.apple.com/global/elements/flags/22x22/ 2 KB
2 KB 173ms
14ms Image
image/png 2a02:26f0:64:588::1aca
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.apple.com/global/elements/flags/22x22/usa.png

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:64:588::1aca , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

57a90aba66c961fb59eec0e56fe73371e321a5620cca105eb90672f3123fb6d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 03 Apr 2017 20:17:28 GMT
Server: Apache
Content-Type: image/png
Access-Control-Allow-Origin: https://www.apple.com
Cache-Control: max-age=125
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1930
Expires: Tue, 19 Mar 2019 19:18:52 GMT

GET
H2 200 cmp.complete.bundle.js Show response
hb.vntsm.com/cmp/ 128 KB
36 KB 13ms
12ms Script
application/javascript 108.161.188.138
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/cmp/cmp.complete.bundle.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.188.138 Los Angeles, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5df2bf758c915921240e7264a9722c7191cf0a7f53e1fb50c4d6454924a3576f

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:47 GMT
content-encoding: gzip
venatus-cdn-hb-rule-version: 1.1
x-cache: HIT
status: 200
x-ip: 83.97.23.52
last-modified: Tue, 26 Feb 2019 09:17:39 GMT
server: NetDNA-cache/2.2
etag: W/"5354ad33323a5b2cd76ad22f69b703b8"
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-expose-headers: X-Geo, Content-Type
cache-control: max-age=3600
access-control-allow-credentials: true
access-control-allow-headers: X-Geo, Content-Type
x-geo: DE

GET
H/1.1 200
OK widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame BA47 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fwww.pluspremieres.ch&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4184) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.pluspremieres.ch/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Mar 2019 19:16:47 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4184)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js Show response
platform.twitter.com/js/ 24 KB
8 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4186) /
Resource Hash: e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:15 GMT
Server: ECS (fcn/4186)
Etag: "da3e8002f83d92efe615008a56f12f48+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 7925

GET
H/1.1 200
OK timeline.4c6ab682148a0366f9efb1647a3f4799.js Show response
platform.twitter.com/js/ 39 KB
12 KB 8ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.4c6ab682148a0366f9efb1647a3f4799.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4186) /
Resource Hash: 68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:16 GMT
Server: ECS (fcn/4186)
Etag: "0b75ea6c252ef45cd6d3a2e31473d9d5+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 11574

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
445 B 12ms
12ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:47 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.12.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Tue, 19 Mar 2019 20:16:47 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 9 KB
3 KB 293ms
237ms Script
application/javascript 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_PlusPremieresX_old&dnt=false&domain=www.pluspremieres.ch&lang=en&screen_name=PlusPremieresX&suppress_response_codes=true&t=1725581&tweet_limit=1&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_o /

Resource Hash

84751e4b0b72d99a0083394ad60718449f51d75d059f217ba0e74411a02c01e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 2459
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 227
last-modified: Tue, 19 Mar 2019 19:16:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: e70893d62a21401b43cb0780e2855aa0
timing-allow-origin: *
x-transaction: 006150d100574522
expires: Tue, 19 Mar 2019 19:21:48 GMT

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
147 B 130ms
129ms Image
image/gif 104.244.42.200
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1553023007950%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 110
pragma: no-cache
last-modified: Tue, 19 Mar 2019 19:16:48 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d63c77f0400fd542b2c7a5fa0eb4ab73
x-transaction: 0019a905006e0c34
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 77 KB
14 KB 11ms
11ms Fetch
application/json 2600:9000:20bb:5a00:1:af78:4c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/cmp/cmp.complete.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20bb:5a00:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19c578cc052ab80b04dfc8c7b7fc372ffc7bf6be58cf79fb6fa4f89392c181cc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch

Response headers

x-amz-version-id: Yqz14Pw6ZVFTP7j06C2w8khzuTS06Ae5
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 7345
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 Mar 2019 16:00:21 GMT
server: AmazonS3
date: Tue, 19 Mar 2019 17:18:52 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
via: 1.1 8bbec5871de1c2a41003db8fbeafebf8.cloudfront.net (CloudFront)
cache-control: max-age=259200
x-amz-cf-id: uyMvCSMcRe59H9E30TG_bn_qIiuENvETz2hQ_XVQGHVq_AwD-Dnxig==

GET
H/1.1 200
OK timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/ Frame 50FD 55 KB
13 KB 8ms
7ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: 7cbb0e141a91d2c3c30c06148c1a32c2437ea6452f107a4e1fb0c032708a1295

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:10 GMT
Server: ECS (fcn/41A4)
Etag: "db7cf7a65ee339eb82d0f17892ef631f+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12542

GET
H/1.1 200
OK timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/ 55 KB
55 KB 10ms
9ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A4) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:10 GMT
Server: ECS (fcn/41A4)
Etag: "db7cf7a65ee339eb82d0f17892ef631f+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: text/css; charset=utf-8
Content-Length: 12542

GET
H2 200 xoWwXCH6_normal.jpg
pbs.twimg.com/profile_images/1036817578512064514/ Frame 50FD 2 KB
2 KB 45ms
30ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1036817578512064514/xoWwXCH6_normal.jpg

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419C) /

Resource Hash

42bdfa1e037695e8919d905908ba8591f9636401e277bf4fa0b5df1c85b2c45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 165
date: Tue, 19 Mar 2019 19:16:48 GMT
x-content-type-options: nosniff
surrogate-key: profile_images profile_images/bucket/8 profile_images/1036817578512064514
last-modified: Tue, 04 Sep 2018 03:23:48 GMT
server: ECS (fcn/419C)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d836b6747f576c290a8978547e6a315b
accept-ranges: bytes
content-length: 2035

GET
H2 200 D1p4qeQXcAEbgtQ
pbs.twimg.com/media/ Frame 50FD 13 KB
13 KB 25ms
11ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/D1p4qeQXcAEbgtQ?format=jpg&name=240x240

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/41AA) /

Resource Hash

a912d238126caa2f01c7449e264e756eb395d2e379bd3d71df61351fd6aacefe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 193
date: Tue, 19 Mar 2019 19:16:48 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/2 media/1106329329544425473
last-modified: Thu, 14 Mar 2019 22:58:41 GMT
server: ECS (fcn/41AA)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c527e6791db2d237f0f044961cac6086
accept-ranges: bytes
content-length: 12938

GET
H2 200 D1p4qxMXQAI5FuC
pbs.twimg.com/media/ Frame 50FD 7 KB
7 KB 24ms
10ms Image
image/jpeg 93.184.220.70
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/D1p4qxMXQAI5FuC?format=jpg&name=240x240

Requested by

Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.184.220.70 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

ECS (fcn/419D) /

Resource Hash

44da9f317e3cecd58bfff9cc26aa19a4a8997830f8ded69a15033e686297c1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time: 150
date: Tue, 19 Mar 2019 19:16:48 GMT
x-content-type-options: nosniff
surrogate-key: media media/bucket/4 media/1106329334627909634
last-modified: Thu, 14 Mar 2019 22:58:42 GMT
server: ECS (fcn/419D)
access-control-allow-origin: *
x-cache: HIT
content-type: image/jpeg
status: 200
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b494f5370b73ad8d3ee5bcca26272f7f
accept-ranges: bytes
content-length: 6991

GET
DATA 200
OK truncated
/ Frame 50FD 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 50FD 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 50FD 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2

Request headers

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame A5B2
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

7ms
7ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DF) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Mar 2019 19:16:48 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DF)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Tue, 19 Mar 2019 19:16:48 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Tue, 19 Mar 2019 19:16:48 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_f
strict-transport-security: max-age=631138519
x-connection-hash: d63c77f0400fd542b2c7a5fa0eb4ab73
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 119
x-transaction: 0068334e00a71cd9
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 183 B
1 KB 174ms
125ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222f606a7f4eadd5%22%3A%225c3986d1c2b45d45777d%7C728x90%22%2C%22365216b83b2c9a%22%3A%225c3986d1c2b45d45777d%7C728x90%22%2C%22453ad9d811430f%22%3A%225c3986d1c2b45d45777d%7C728x90%22%7D&ref=https%3A%2F%2Fwww.pluspremieres.ch%2F&s=fc6eb33b-16ad-421e-9a21-24795d62081b&pv=6752db81-eac0-478b-aacb-d04d6a4c7728&vp=desktop&lib_name=prebid&lib_v=2.6.0&us=5&gdpr=false&

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3cb7d8d6e786b4101dc1bef75769100758b3f78ce90746cf244078b5c859f617

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2019 19:16:53 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.pluspremieres.ch
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 173
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 369 B
1 KB 130ms
80ms XHR
application/json 185.33.223.204
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.204 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

f3a099c39206a415ff991576f7454ec40908c4e73394af36deae16c3f5d34ff4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2019 19:16:55 GMT
X-Proxy-Origin: 83.97.23.52; 83.97.23.52; 319.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid: 4f6f1c43-5851-4864-ae79-13b38e330093
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.pluspremieres.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 369
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content cdb Show response
bidder.criteo.com/ 0
218 B 76ms
17ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.6.0&cb=82689784958
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.pluspremieres.ch
Date: Tue, 19 Mar 2019 19:16:52 GMT
Access-Control-Allow-Credentials: true
Server: Finatra
Timing-Allow-Origin: *
Vary: Origin

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame 8FD1 8 KB
3 KB 45ms
12ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 74ae5dc766f53462002c71356190b3b1c68b664cc15ce8c4a9a2b4be6d321850

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2774
expires: Wed, 20 Mar 2019 19:16:28 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame 8FD1 260 B
417 B 51ms
19ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=24866&formatId=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: fa325cbd2532d75512e0f188e4a76af3d7af8abd891b733fea7ae2bf39aa41c1

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 209
expires: Wed, 20 Mar 2019 19:16:53 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame 5C49 8 KB
3 KB 36ms
18ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 74ae5dc766f53462002c71356190b3b1c68b664cc15ce8c4a9a2b4be6d321850

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2774
expires: Wed, 20 Mar 2019 19:16:28 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame 5C49 260 B
417 B 36ms
19ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=24866&formatId=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: fa325cbd2532d75512e0f188e4a76af3d7af8abd891b733fea7ae2bf39aa41c1

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 209
expires: Wed, 20 Mar 2019 19:16:53 GMT

GET
H2 200 gen.js Show response
ads.themoneytizer.com/s/ Frame 48FB 8 KB
3 KB 19ms
11ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/gen.js?type=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: 74ae5dc766f53462002c71356190b3b1c68b664cc15ce8c4a9a2b4be6d321850

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 2774
expires: Wed, 20 Mar 2019 19:16:28 GMT

GET
H2 200 requestform.js Show response
ads.themoneytizer.com/s/ Frame 48FB 260 B
417 B 26ms
19ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform.js?siteId=24866&formatId=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: fa325cbd2532d75512e0f188e4a76af3d7af8abd891b733fea7ae2bf39aa41c1

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 209
expires: Wed, 20 Mar 2019 19:16:53 GMT

GET
H/1.1 200
OK / Show response
g.tmyzer.com/g/ Frame 48FB 23 B
197 B 171ms
26ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.tmyzer.com/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fe7d73f8dca21596a0f2b0f02cf50437153e924573994204f48fe09a89890853

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:53 GMT
Server: nginx
X-IPLB-Instance: 15015
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ Frame 48FB 12 KB
4 KB 39ms
8ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame 48FB 37 KB
16 KB 44ms
14ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ Frame 48FB 32 KB
11 KB 152ms
40ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 3
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ Frame 48FB 1 KB
2 KB 3094ms
20ms Script
application/javascript 143.204.214.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=1f5db
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.103 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 02 Mar 2019 03:26:24 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 1525833
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: rbmQ_n6W-7aIdUoVuTMAbqjI2kSfjDj8idVe89QqmAFXlYFCaZwcaA==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 48FB 25 KB
25 KB 195ms
10ms Script
text/javascript 143.204.208.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.51 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-51.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 17:01:06 GMT
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 8485
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: SquBi4VCtyYpmh4dowOxHD9S06RZL1fgqS25xfiRrcEkRxadA29_tQ==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame 48FB
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

23 KB
8 KB

177ms
7ms

Script
application/x-javascript

2a02:26f0:6c00:28b::c01
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28b::c01 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Feb 2019 13:12:51 GMT
Server: Apache
ETag: "18d57cd29660668e0675302a0f212fc1:1549890771"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7698

Redirect headers

Location: https://ced-ns.sascdn.com/diff/js/smart.js
Date: Tue, 19 Mar 2019 19:16:54 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "7CC9F48E6BDAC1BFB3AA3789553AE7F9"
Content-Length: 159
Expires: Tue, 19 Mar 2019 20:16:54 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ Frame 48FB 49 B
282 B 872ms
209ms Script
text/javascript 2406:2600:1::a
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2406:2600:1::a , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Mar 2019 19:16:53 GMT
Cache-Control: private, max-age=3600
Server: Microsoft-IIS/10.0
Content-Type: text/javascript; charset=utf-8
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame 48FB 3 KB
3 KB 267ms
20ms Script
application/javascript 147.135.143.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:53 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 13167
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK / Show response
g.tmyzer.com/g/ Frame 8FD1 23 B
197 B 177ms
13ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.tmyzer.com/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fe7d73f8dca21596a0f2b0f02cf50437153e924573994204f48fe09a89890853

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:53 GMT
Server: nginx
X-IPLB-Instance: 15015
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ Frame 8FD1 12 KB
4 KB 28ms
7ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame 8FD1 37 KB
16 KB 34ms
13ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ Frame 8FD1 32 KB
11 KB 132ms
27ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 2
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ Frame 8FD1 1 KB
2 KB 3087ms
20ms Script
application/javascript 143.204.214.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=1079e
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.103 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Thu, 07 Mar 2019 20:37:35 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 1031962
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 d7524ff4a82155dd51a24800cf39deec.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: lGs30ZQX35to0zhpCbPT-M83DNVJqzPJt8eh4BfFV3wKkz62RbNh9A==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 8FD1 25 KB
25 KB 69ms
11ms Script
text/javascript 143.204.208.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.51 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-51.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 17:01:06 GMT
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 8485
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: 7CKW_AS2SeBd-impmff_ZYbU3j1EuQL6_YP__ZmWFNwvGIU3sINOdQ==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame 8FD1
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

23 KB
8 KB

155ms
7ms

Script
application/x-javascript

2a02:26f0:6c00:28b::c01
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28b::c01 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Feb 2019 13:12:51 GMT
Server: Apache
ETag: "18d57cd29660668e0675302a0f212fc1:1549890771"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7698

Redirect headers

Location: https://ced-ns.sascdn.com/diff/js/smart.js
Date: Tue, 19 Mar 2019 19:16:53 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "7CC9F48E6BDAC1BFB3AA3789553AE7F9"
Content-Length: 159
Expires: Tue, 19 Mar 2019 20:16:54 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ Frame 8FD1 49 B
282 B 860ms
216ms Script
text/javascript 2406:2600:1::a
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2406:2600:1::a , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Mar 2019 19:16:53 GMT
Cache-Control: private, max-age=3600
Server: Microsoft-IIS/10.0
Content-Type: text/javascript; charset=utf-8
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame 8FD1 3 KB
3 KB 104ms
20ms Script
application/javascript 147.135.143.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:53 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 13167
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK / Show response
g.tmyzer.com/g/ Frame 5C49 23 B
197 B 914ms
19ms Script
text/html 145.239.193.145
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://g.tmyzer.com/g/
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 145.239.193.145 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: fe7d73f8dca21596a0f2b0f02cf50437153e924573994204f48fe09a89890853

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:54 GMT
Server: nginx
X-IPLB-Instance: 15014
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 moneyvisibility.js Show response
ads.themoneytizer.com/ Frame 5C49 12 KB
4 KB 32ms
14ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneyvisibility.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:07 GMT
server: nginx
etag: "779a-308e-582e3105a6be4"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 3931
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H2 200 moneybile.js Show response
ads.themoneytizer.com/ Frame 5C49 37 KB
16 KB 35ms
17ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybile.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Wed, 27 Feb 2019 16:57:00 GMT
server: nginx
etag: "7ff1-9390-582e30fefbc74"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15733
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H2 200 getjs.static.js Show response
tag.contextweb.com/ Frame 5C49 32 KB
11 KB 21ms
20ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/getjs.static.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: envoy
etag: d13c8ae45565efb782b52cb7f6a3b3828e3d77a7
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: max-age=432000, public
x-envoy-upstream-service-time: 4
content-type: application/x-javascript
content-length: 11296

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/11528/ Frame 5C49 1 KB
2 KB 2903ms
16ms Script
application/javascript 143.204.214.103
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/11528/px.js?r=1fda4
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.103 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-103.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Mar 2019 23:19:52 GMT
Content-Encoding: UTF-8
Last-Modified: Wed, 10 Oct 2018 10:49:46 GMT
Server: AmazonS3
Age: 935825
ETag: "f30057c89bf67afeaf18ceba624fa4b7"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: uHl9YZr5Xa2LS6fLrGkG_768vqS6EToKlxxsN11Js_UZn7Z73xJUYQ==

GET
H/1.1 200
OK notifyme.js Show response
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ Frame 5C49 25 KB
25 KB 47ms
8ms Script
text/javascript 143.204.208.221
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.221 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-221.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 17:01:00 GMT
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Age: 8485
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25704
X-Amz-Cf-Id: EHHYA4FhJ2tYLLe354zg8TCJ-ylgVSqvvJRGONushhhwHyZWz85daw==

GET
H/1.1

200
OK

smart.js Show response
ced-ns.sascdn.com/diff/js/ Frame 5C49
Redirect Chain

https://ww1097.smartadserver.com/config.js?nwid=1097
https://ced-ns.sascdn.com/diff/js/smart.js

23 KB
8 KB

137ms
9ms

Script
application/x-javascript

2a02:26f0:6c00:28b::c01
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/js/smart.js
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:28b::c01 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: Apache /
Resource Hash: 26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Feb 2019 13:12:51 GMT
Server: Apache
ETag: "18d57cd29660668e0675302a0f212fc1:1549890771"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7698

Redirect headers

Location: https://ced-ns.sascdn.com/diff/js/smart.js
Date: Tue, 19 Mar 2019 19:16:54 GMT
Cache-Control: public, no-cache="Set-Cookie", max-age=3600
Content-Type: text/html; charset=utf-8
ETag: "7CC9F48E6BDAC1BFB3AA3789553AE7F9"
Content-Length: 159
Expires: Tue, 19 Mar 2019 20:16:54 GMT

GET
H/1.1 200
OK sync Show response
gum.criteo.com/ Frame 5C49 49 B
282 B 768ms
211ms Script
text/javascript 2406:2600:1::a
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 2406:2600:1::a , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 19 Mar 2019 19:16:53 GMT
Cache-Control: private, max-age=3600
Server: Microsoft-IIS/10.0
Content-Type: text/javascript; charset=utf-8
Content-Length: 49
Expires: 60

GET
H/1.1 200
OK libJsLP.js Show response
tag.leadplace.fr/ Frame 5C49 3 KB
3 KB 22ms
20ms Script
application/javascript 147.135.143.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.leadplace.fr/libJsLP.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/gen.js?type=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.135.143.44 Waltham, United States, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:54 GMT
Last-Modified: Wed, 28 Nov 2018 09:16:40 GMT
Server: nginx/1.14.2
ETag: "5bfe5cf8-a72"
X-IPLB-Instance: 13167
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2674

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ Frame 8FD1 45 KB
8 KB 29ms
21ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: d910437091c56144051002255f7f254107c53c06e0de38492a4aed56dc293d6c

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Wed, 20 Mar 2019 19:16:53 GMT

GET
H/1.1

200
OK

id5_cm
ads.creative-serving.com/ Frame 8FD1
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://id5-sync.com/c/12/0/9/1.gif
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
https://id5-sync.com/c/12/2/8/2.gif?puid=64976051806397936
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
https://id5-sync.com/c/12/10/7/3.gif?puid=5222556655387492395
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D

43 B
315 B

141ms
40ms

Image
image/gif

104.155.76.175
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.76.175 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 175.76.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
Date: Tue, 19 Mar 2019 19:20:22 GMT
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR"

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ Frame 5C49 45 KB
8 KB 30ms
22ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: d910437091c56144051002255f7f254107c53c06e0de38492a4aed56dc293d6c

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Wed, 20 Mar 2019 19:16:53 GMT

GET
H/1.1

200
OK

6.gif
id5-sync.com/c/12/108/4/ Frame 5C49
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fid5-sync.com%2Fc%2F12%2F2%2F8%2F2.gif%3Fpuid%3D%24UID
https://id5-sync.com/c/12/2/8/2.gif?puid=8232833255173715534
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
https://id5-sync.com/c/12/10/7/3.gif?puid=5222556655387492395
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
https://id5-sync.com/c/12/101/6/4.gif?puid=11a1a6ec-c3ae-4f71-acc4-87b149df3737
https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-SWe6fm2OrWxHTRJWlTF080cnTj01BBMa1PHQn0gCBg&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F102%2F5%2F5.gif%3Fpuid%3DSMART_U...
https://id5-sync.com/c/12/102/5/5.gif?puid=590366358645769741
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D
https://id5-sync.com/c/12/108/4/6.gif?puid=8fa6b1d2-4a7b-11e9-b596-0a580a4c042b

43 B
668 B

75ms
17ms

Image
image/gif

5.39.67.10
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id5-sync.com/c/12/108/4/6.gif?puid=8fa6b1d2-4a7b-11e9-b596-0a580a4c042b
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 5.39.67.10 , France, ASN16276 (OVH, FR),
Reverse DNS: s06.id5-sync.com
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:20:23 GMT
Server: Apache-Coyote/1.1
Content-Type: image/gif;charset=UTF-8
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR"

Redirect headers

status: 302
date: Tue, 19 Mar 2019 19:16:56 GMT
via: 1.1 google
server: Jetty(8.1.13.v20130916)
alt-svc: clear
location: https://id5-sync.com/c/12/108/4/6.gif?puid=8fa6b1d2-4a7b-11e9-b596-0a580a4c042b
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 requestform3.js Show response
ads.themoneytizer.com/s/ Frame 48FB 45 KB
8 KB 29ms
22ms Script
text/html 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / PHP/5.4.45
Resource Hash: d910437091c56144051002255f7f254107c53c06e0de38492a4aed56dc293d6c

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/5.4.45
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=86400
accept-ranges: bytes
expires: Wed, 20 Mar 2019 19:16:53 GMT

GET
H/1.1

200
OK

id5_cm
ads.creative-serving.com/ Frame 48FB
Redirect Chain

https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
https://secure.adnxs.com/getuid?https://id5-sync.com/c/12/2/8/2.gif?puid=$UID
https://id5-sync.com/c/12/2/8/2.gif?puid=8232833255173715534
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D
https://id5-sync.com/c/12/10/7/3.gif?puid=6584421482604571883
https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D

43 B
315 B

187ms
55ms

Image
image/gif

104.155.76.175
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
Requested by: Host: www.pluspremieres.ch
URL: https://www.pluspremieres.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.155.76.175 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 175.76.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F12%2F101%2F6%2F4.gif%3Fpuid%3D%5BUID%5D
Date: Tue, 19 Mar 2019 19:20:22 GMT
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked
P3P: CP="CAO PSA OUR"

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ Frame 8FD1 12 KB
6 KB 11ms
9ms Script
application/x-javascript 18.195.154.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.247 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-154-247.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19-Mar-2019 19:16:54 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Tue, 26 Mar 2019 19:16:54 GMT

GET
H2 200 becedcbb-a07e-4bbe-be7d-d3d30d62e3f0 Show response
tmzr.pubstack.io/v1/tag/ Frame 8FD1 1 KB
750 B 308ms
32ms Script
application/javascript 54.76.210.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.pubstack.io/v1/tag/becedcbb-a07e-4bbe-be7d-d3d30d62e3f0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.210.198 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-76-210-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d5bd922af68bb079234e37e3ba38ff2ca4db3ce7e23d8fedc1df46f60d37b915

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 19 Mar 2019 19:16:54 GMT
cache-control: max-age=120
content-encoding: gzip
content-length: 638
content-type: application/javascript

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid1_39/build/dist/ Frame 8FD1 275 KB
87 KB 18ms
16ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 82fcf99ccf31eeffbfe2249c1863edc0a5c6fb1be76eb82f85287e696bef306b

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 20:06:04 GMT
server: nginx
etag: "25b17-44aec-5841373bd11e2"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88644
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ Frame 48FB 12 KB
6 KB 11ms
11ms Script
application/x-javascript 18.195.154.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.247 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-154-247.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19-Mar-2019 19:16:54 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Tue, 26 Mar 2019 19:16:54 GMT

GET
H2 200 becedcbb-a07e-4bbe-be7d-d3d30d62e3f0 Show response
tmzr.pubstack.io/v1/tag/ Frame 48FB 1 KB
750 B 107ms
32ms Script
application/javascript 54.76.210.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.pubstack.io/v1/tag/becedcbb-a07e-4bbe-be7d-d3d30d62e3f0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.210.198 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-76-210-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d5bd922af68bb079234e37e3ba38ff2ca4db3ce7e23d8fedc1df46f60d37b915

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 19 Mar 2019 19:16:54 GMT
cache-control: max-age=120
content-encoding: gzip
content-length: 638
content-type: application/javascript

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid1_39/build/dist/ Frame 48FB 275 KB
87 KB 23ms
22ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 82fcf99ccf31eeffbfe2249c1863edc0a5c6fb1be76eb82f85287e696bef306b

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 20:06:04 GMT
server: nginx
etag: "25b17-44aec-5841373bd11e2"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88644
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ Frame 5C49 12 KB
6 KB 9ms
9ms Script
application/x-javascript 18.195.154.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.247 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-195-154-247.eu-central-1.compute.amazonaws.com
Software: QS /
Resource Hash: 404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19-Mar-2019 19:16:54 GMT
Server: QS
ETag: M0-e2b9884a
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 5456
Expires: Tue, 26 Mar 2019 19:16:54 GMT

GET
H2 200 becedcbb-a07e-4bbe-be7d-d3d30d62e3f0 Show response
tmzr.pubstack.io/v1/tag/ Frame 5C49 1 KB
750 B 97ms
33ms Script
application/javascript 54.76.210.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://tmzr.pubstack.io/v1/tag/becedcbb-a07e-4bbe-be7d-d3d30d62e3f0
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.210.198 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-76-210-198.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d5bd922af68bb079234e37e3ba38ff2ca4db3ce7e23d8fedc1df46f60d37b915

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 19 Mar 2019 19:16:54 GMT
cache-control: max-age=120
content-encoding: gzip
content-length: 638
content-type: application/javascript

GET
H2 200 prebid.js Show response
ads.themoneytizer.com/moneybid1_39/build/dist/ Frame 5C49 275 KB
87 KB 24ms
23ms Script
text/javascript 151.139.241.23
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.themoneytizer.com/moneybid1_39/build/dist/prebid.js
Requested by: Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.23 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 82fcf99ccf31eeffbfe2249c1863edc0a5c6fb1be76eb82f85287e696bef306b

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 19:16:53 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2019 20:06:04 GMT
server: nginx
etag: "25b17-44aec-5841373bd11e2"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=86400
accept-ranges: bytes
content-length: 88644
expires: Wed, 20 Mar 2019 19:16:20 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 48FB 84 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 01:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 927163
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30186
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 01:44:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 8FD1 84 KB
30 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 01:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 927163
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30186
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 01:44:11 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ Frame 5C49 84 KB
30 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:816::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js

Requested by

Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform3.js?siteId=24866&formatId=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 01:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 927163
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30186
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 01:44:11 GMT

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame 8FD1 1 KB
949 B 9ms
9ms Script
application/x-javascript 2600:9000:200d:d800:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 18:29:31 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 2846
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: J4K3ZUPnOwGkT-W8PxaFJerZzS-uhdNS0Amx4HTRVkCsvSemnzShqQ==
via: 1.1 09052d1a6e392e4f4a3fd97bf34a2b24.cloudfront.net (CloudFront)

OPTIONS
H2 200 track Show response
track.venatusmedia.com/dual/ 0
209 B 116ms
28ms XHR
text/plain 52.214.69.9
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.69.9 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-214-69-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.pluspremieres.ch
Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Tue, 19 Mar 2019 19:16:54 GMT
access-control-allow-origin: https://www.pluspremieres.ch
vary: Origin
access-control-allow-methods: POST
status: 200
access-control-max-age: 3600
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 0

POST
H2 200 track Show response
track.venatusmedia.com/dual/ 16 B
168 B 28ms
28ms XHR
application/json 52.214.69.9
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.69.9 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-214-69-9.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Tue, 19 Mar 2019 19:16:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.pluspremieres.ch
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame 48FB 1 KB
948 B 9ms
7ms Script
application/x-javascript 2600:9000:200d:d800:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 18:29:31 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 2846
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: UIAvxzovvdcUG7K2bUXewF8h-URnEwWGMvzh0mul7igoT48WNalvFQ==
via: 1.1 09052d1a6e392e4f4a3fd97bf34a2b24.cloudfront.net (CloudFront)

GET
H2 200 rules-p-6Fv0cGNfc_bw8.js Show response
rules.quantcount.com/ Frame 5C49 1 KB
948 B 9ms
9ms Script
application/x-javascript 2600:9000:200d:d800:6:44e3:f8c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200d:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 19 Mar 2019 18:29:31 GMT
content-encoding: gzip
last-modified: Mon, 19 Mar 2018 22:28:36 GMT
server: AmazonS3
age: 2846
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=3600
x-amz-cf-id: V0tXtfhktggmFkXNPsutdPGGJYOD3BSVIcyiUTeDgEcLFpimtVdcJw==
via: 1.1 09052d1a6e392e4f4a3fd97bf34a2b24.cloudfront.net (CloudFront)

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame 48FB 0
531 B 1286ms
34ms XHR
application/x-javascript 54.247.163.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.163.36 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-163-36.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2019 19:16:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Mar 2019 19:16:55 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.pluspremieres.ch
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame 8FD1 0
531 B 1313ms
36ms XHR
application/x-javascript 54.247.163.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.163.36 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-163-36.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2019 19:16:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Mar 2019 19:16:56 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.pluspremieres.ch
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK notifyme.php Show response
adtrack.adleadevent.com/ Frame 5C49 0
531 B 1335ms
30ms XHR
application/x-javascript 54.247.163.36
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.163.36 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-163-36.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2019 19:16:56 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Mar 2019 19:16:56 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.pluspremieres.ch
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 monitoring.js Show response
cdn-prod.pubstack.io/ Frame 8FD1 54 KB
17 KB 62ms
8ms XHR
application/javascript 143.204.214.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-prod.pubstack.io/monitoring.js
Requested by: Host: tmzr.pubstack.io
URL: https://tmzr.pubstack.io/v1/tag/becedcbb-a07e-4bbe-be7d-d3d30d62e3f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.121 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-121.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0063a9280a4551c270f5439383b8e2a739081821777288dfa8c91d7c1da81e6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch

Response headers

x-amz-version-id: NNJAxt_aYRFXq4zHf6lz2q5VGVLImzgK
content-encoding: gzip
vary: Origin
age: 1133
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 Feb 2019 17:40:52 GMT
server: AmazonS3
date: Tue, 19 Mar 2019 18:58:02 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-id: IpZ0kcMh_3lkF1go8Z6lBvZqTfp69DnR-YTS6x3t1tn7QqV2T6bIXg==

GET
H2 200 monitoring.js Show response
cdn-prod.pubstack.io/ Frame 48FB 54 KB
17 KB 70ms
17ms XHR
application/javascript 143.204.214.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-prod.pubstack.io/monitoring.js
Requested by: Host: tmzr.pubstack.io
URL: https://tmzr.pubstack.io/v1/tag/becedcbb-a07e-4bbe-be7d-d3d30d62e3f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.121 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-121.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0063a9280a4551c270f5439383b8e2a739081821777288dfa8c91d7c1da81e6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch

Response headers

x-amz-version-id: NNJAxt_aYRFXq4zHf6lz2q5VGVLImzgK
content-encoding: gzip
vary: Origin
age: 1133
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 Feb 2019 17:40:52 GMT
server: AmazonS3
date: Tue, 19 Mar 2019 18:58:02 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-id: G0rk0u_vTdZODymtsqmpckRG_dRaVZVdr9WXpMZwmXKrtz7JevNdng==

GET
H2 200 monitoring.js Show response
cdn-prod.pubstack.io/ Frame 5C49 54 KB
17 KB 69ms
17ms XHR
application/javascript 143.204.214.121
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-prod.pubstack.io/monitoring.js
Requested by: Host: tmzr.pubstack.io
URL: https://tmzr.pubstack.io/v1/tag/becedcbb-a07e-4bbe-be7d-d3d30d62e3f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.121 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-121.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0063a9280a4551c270f5439383b8e2a739081821777288dfa8c91d7c1da81e6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.pluspremieres.ch/
Origin: https://www.pluspremieres.ch

Response headers

x-amz-version-id: NNJAxt_aYRFXq4zHf6lz2q5VGVLImzgK
content-encoding: gzip
vary: Origin
age: 1133
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 14 Feb 2019 17:40:52 GMT
server: AmazonS3
date: Tue, 19 Mar 2019 18:58:02 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-id: DWkhB2_ypichGioR8NKxKkLdLA7lWeP6XCKtPd2sWxReTm3JCHYhWQ==

GET
H/1.1 200
OK publishertag.prebid.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 1078ms
19ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 49b9e18a4b833d5c0b464a8e868f333dbefba58b690fb00d90e7aad180e6e847

Request headers

Referer: https://www.pluspremieres.ch/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 19 Mar 2019 19:16:57 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 13:26:35 GMT
Server: nginx
ETag: W/"5c811c0b-9ab2"
Transfer-Encoding: chunked
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Wed, 20 Mar 2019 19:16:57 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=518294&boxtag=m3ww8d

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pluspremieres.ch/	1970-01-19 08:09:19	Name: __cfduid Value: d7cb28e9c06cbfdf1193db7c6e2a712101553023008

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ads.themoneytizer.com/s/gen.js?type=1(Line 144) Message: [ID5] Exception received while calling TCF CMP
console-api	log	URL: https://ads.themoneytizer.com/s/gen.js?type=1(Line 144) Message: [ID5] Exception received while calling TCF CMP
console-api	log	URL: https://ads.themoneytizer.com/s/gen.js?type=1(Line 144) Message: [ID5] Exception received while calling TCF CMP
console-api	log	URL: https://ads.themoneytizer.com/s/gen.js?type=1(Line 144) Message: [ID5] Firing ID5 pixel at url:
console-api	log	URL: https://ads.themoneytizer.com/s/gen.js?type=1(Line 144) Message: [ID5] Firing ID5 pixel at url:
console-api	log	URL: https://ads.themoneytizer.com/s/gen.js?type=1(Line 144) Message: [ID5] Firing ID5 pixel at url:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ads.creative-serving.com
ads.themoneytizer.com
adtrack.adleadevent.com
ajax.googleapis.com
apex.go.sonobi.com
apis.google.com
bidder.criteo.com
c1.adform.net
cdn-prod.pubstack.io
cdn.syndication.twimg.com
ced-ns.sascdn.com
code.jquery.com
connect.facebook.net
d2zur9cc2gf1tx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
g.tmyzer.com
gum.criteo.com
hb.vntsm.com
host.pluspremieres.us
i.imgur.com
ib.adnxs.com
id5-sync.com
is1-ssl.mzstatic.com
is2-ssl.mzstatic.com
is3-ssl.mzstatic.com
is4-ssl.mzstatic.com
is5-ssl.mzstatic.com
mc.yandex.ru
p.cpx.to
pbs.twimg.com
pixel.tapad.com
platform.twitter.com
pluspremieres.ch
resources.blogblog.com
rtb-csync.smartadserver.com
rules.quantcount.com
secure.adnxs.com
secure.quantserve.com
static.criteo.net
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
tag.contextweb.com
tag.leadplace.fr
tmzr.pubstack.io
track.venatusmedia.com
vendorlist.consensu.org
ww1097.smartadserver.com
www.apple.com
www.blogger.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.pluspremieres.ch
www5.cbox.ws
www5.cbox.ws
104.155.76.175
104.244.42.200
108.161.188.138
143.204.208.221
143.204.208.51
143.204.214.103
143.204.214.121
144.76.209.249
145.239.193.145
147.135.143.44
151.101.120.193
151.139.241.23
178.162.133.150
178.250.0.130
178.250.0.165
18.195.154.247
185.33.223.204
185.33.223.209
185.33.223.80
185.86.137.32
185.86.139.29
193.70.45.171
199.192.25.127
205.185.208.52
2406:2600:1::a
2600:9000:200d:d800:6:44e3:f8c0:93a1
2600:9000:20bb:5a00:1:af78:4c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:30::681f:5f35
2a00:1450:4001:808::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:816::200a
2a00:1450:4001:816::200e
2a00:1450:4001:818::2009
2a00:1450:4001:819::2001
2a00:1450:4001:820::2003
2a00:1450:4001:820::200a
2a00:1450:4001:824::2004
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9a
2a02:26f0:64:588::1aca
2a02:26f0:64:595::2a1
2a02:26f0:64:596::2a1
2a02:26f0:64:5a1::2a1
2a02:26f0:64:5a7::2a1
2a02:26f0:6c00:28b::c01
2a02:6b8::1:119
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
35.227.197.177
37.157.4.25
46.105.114.118
5.39.67.10
52.214.69.9
54.247.163.36
54.36.123.231
54.36.123.232
54.76.210.198
74.214.194.131
93.184.220.70
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
013e3aa2efe94e14a8a4feeb4f890ba3d04bba060828198313b28c52180fa7e2
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06ae3dad0d03f28702f4618fa23e42ceb785a534f45dd138cd8f13639b1efa21
07962a325041c358cd1c26eb1e602fa664aac7c496c9f20f03070cd147f472f4
127b93e99862db3608584b1045e8672187331708838292454320f308987d9ad4
144379243353aa6052f8f7b9568db548267a5fac359db22df7d90ebfe88d1b28
162072d3665e40d8eca37c2a59f53e28b12274559de9105ffe0f0c173d2e93d0
19191cfd350580341f90062ca3328621c00a65391b8600c9102c784b1b54360e
19c578cc052ab80b04dfc8c7b7fc372ffc7bf6be58cf79fb6fa4f89392c181cc
19cda205f1d4e140aabeda5f0a6c395ba0b8bd0ab63771b5f2002176bee7022a
1bb228dbc400599f44061b031aaf653671bb60e0cc8609b48aa3f4d10f14f9ff
1cab89fb914e3917a52f693063b431815b3ba125b904364c4fe72a582bd70eed
1d0591172dcd892d204e6fbb0f35ab060c2c2d6628a0f33b5f36975c6079ccb0
24be48987f5c810cc4da83edd006ff0babcdaf775fdd025affa78665184be2ed
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26517193e17e52b864db99512527c75112afb1290eee8b7d4548e23082f0e876
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
26ce6b52e4a425a2678d33452eec0c7c9fc2806f5eccd0726e66c25b83490eb6
27b81050a0f9e38e48b72699b441e83173df95b8d733cbf2aba60006421d668e
280c10f011ddc1d80b9580e71f19b612c2e45174991946df109cb1120547c6f5
292762208010c6258db612556e8c5e9fdfd40f7d57cce8fb9f83854bfa3ff5d9
2a9097c57761880f31cf1f2efe2ad086aec265c2facb09b103f97c61036b92dd
2ee672ac0b18a5805e5f164891e45e7597a0897cb2b6f44c671fed2a59bc445f
2f7b4f6bda461b47c9d42d29441dc049607f613facbdd721582f126cea66ef36
30ff4d6f8c955c07d5b5c528a9f1a570e05a3b5ffeb6e8b9aa62d6ce8e0fbc83
32df04a768f587b2b319d24353504f771ca9dd7d7554ba2fc1f4e4b7d2e6b820
3bab57e4509bc59558dedc4a01bdd70472f11c0af541bb9ce027e20923e218a3
3cb7d8d6e786b4101dc1bef75769100758b3f78ce90746cf244078b5c859f617
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
42058b83339f1e7e2d4e28460c522b409b699a622fe1af2c4060ecc2e52f4028
42bdfa1e037695e8919d905908ba8591f9636401e277bf4fa0b5df1c85b2c45a
44da9f317e3cecd58bfff9cc26aa19a4a8997830f8ded69a15033e686297c1f8
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
45ac199b2a6a10c7f4eb6d7d2ea87ca0239ac8a7a9e2cbb8c72031dd93f1fbdf
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
46894e6d4d290d4f3ed0b4a7162a9778f14d38ca7997057dc66e2a86239cefb9
46d5273d735391f5c05f0fb82df9a363a290419c3aeea2d64dfc0d46de9a9681
494becc937f3e98c3de5df1f4f693d5edc9d77ac38608171e16eb180c1167a01
49b9e18a4b833d5c0b464a8e868f333dbefba58b690fb00d90e7aad180e6e847
5022e62371fa00943cc7a184921d8f3bd6d0de16d0369182399c535dc92e7e06
514edd92ff8426e567cabf923efbf566359c85646fd82c1a30138658a34d485f
52605b97aa8b049c4f6f2c02f4488356048e07e9ddd70442b14e040e9ad39dfc
52726fb580d6bffc46615863ddbf4c319524b5a68fb484be2972bdad4fd0310d
53ee4ae2a0102c1413a89075ca10d5652511ebda7b57920e9d34dbdd6a958841
546e033d0713f9bd6914588d5a397cee6fda41e2a4e3696734c4c50395f21535
547ea67155dac1c27efb550426c4848b7364357ed040fd531719c4797e356a1d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a43c4c3c87d700747e591e3bce2ec67c9bed30764ff19bd5fb62acd96f00e5
57a90aba66c961fb59eec0e56fe73371e321a5620cca105eb90672f3123fb6d6
5a015e76f3770c9b8c0c0979c8ada33b9c6414ec26b69c54c1d8ae963463e0cd
5d5e52a8e6869d32c466730c6f77b3749a6ad42f348b8ad4bbfd929762a48abf
5d7c184f73407fd0b6e92743095a0d2a5cb5d3b853ce898798c24ef87d622db1
5df2bf758c915921240e7264a9722c7191cf0a7f53e1fb50c4d6454924a3576f
5fe15c5edf2a7553badaa88c0d4c11539d73277770de5da7a4ae36a2493e01dc
6019882b556e458001e861329dac6e25ea59de66f59e50fad239f0a6cc09da38
6371e40771495e27a435f9a17e1bbc6b8181fd7d1298c870dd3a235102eae204
63f8bee273d293a685bc634099e7547302784a62296ef170905c88b1cd4b0772
65e419e8a290281f0b4cc3e5c158d2b2e4607f36c7f58b7044024ca36bb23242
66a4cd925666b4f0bfb9c5ea5104d62843ff202a8701c12082c0849d64c6d127
68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36
6c4b4056e38fbaef425792a87708636d324e9709fe385bfc036bc8ee67522835
6d3adaefc6eedd7208846595138214ec35159fd4a566bc1e960ff6ab68092526
70bce9889ec87a65a95a2d7a724fc26fd50101326320956fc357ef727ec89467
735e084216a7bc246b6e734b9fcbe577edfa4dfbbc075486e2110dd123cb2920
74ae5dc766f53462002c71356190b3b1c68b664cc15ce8c4a9a2b4be6d321850
759d88dd7c8fa0d1e31323bd2ebf3f238156fdcbd1ed108215f69fece482d0c2
75eb4c7ee95ae88e7de2a29fe8adf0934378b1bd6f4596d394c3c409289e0879
7665c874bc98e44bd494def2883069f2f4c14cdef48d52d517cbbfce75440f37
766636ed6485a0dd20cb23781e841074a2219e03fb77a5869f7ead96586cbb07
7718cbd0ca1f3556f995e69403036f21b519246fb08012d7fc120155b2fe0f2a
78a1e7a3a1c81bfc10139570c344962793cf333af955ee06181d2d39a6709451
79919194d48ba632efa034a4dee4c8247597b69dc23f6e6dc037f527d2865ae5
7a79cd1f9ff235a25fa18640da8e56f45715e265ac8415f23b89653ff6f3bcb1
7cbb0e141a91d2c3c30c06148c1a32c2437ea6452f107a4e1fb0c032708a1295
7e4eba86367c61f61229d3a46526d36c63c5976bacd90e2a82c7625f56db0486
814ed3598b0b3cc66c62ee854d3a6651d1202299a4a18b09b3a58356f832a0fa
82fcf99ccf31eeffbfe2249c1863edc0a5c6fb1be76eb82f85287e696bef306b
84751e4b0b72d99a0083394ad60718449f51d75d059f217ba0e74411a02c01e8
851a559cf2bddeaceb6bb0b4b935c082eebc1a91ec738fa7ffd0b11313f2e321
853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461
871ed0c82f4e550f206f4e0dcb309d6da8ee57e3a737c842a2c8c51e3ddea034
87fed00c9704c16935288172fc45ce7933df3090a8b98006978950eb0e078939
8a829aa1ce77555b15b678abd75628ff42e96c12eaacfcb940572c38c5250b47
8d2a76cd3cf60a6ee8940913c44befda0930f9f2645084c5e3078e7a0c2a4494
8e0de245c61049a28b1d09f12f2ec0f8bd49dc22d1bf0b10b83957e6a482b03d
8e39d480dce4b8cb98f7a7f679df3f4d4383a234d379834d58ecc89ac9ff01b7
90964c12f526c417ddef74a4c17d48bc712492a9a9e856c2f7a52d518a053376
90e6f92e956b0b2b6e655f63d36cd44cef727f54c2b2a175ab5144de14ba2a31
90f10b5236f465257317834a95e94e0fbdccb9d5f4c433d37d2c97d9bffec96e
91c77f90045e1bc81c2df95782901488eb739da5760dcf0344fb8707826a864a
94666aec361fee9a9294bb32a5bc11867e479d41c199dd6ec8053122ae105a4b
946d49c91f0be02de2248185fd72c788f3f9a5eef93db8459fabf09e05856bc4
95cca80935e8ab3229cf1df03eb77ce29238911e8f708d129acf51e442793308
97d99e04ff8ca9ee3d2831e7a5b92465ac58a908237208af7e4716fbe6bffd8a
9bb4ebc60847e8f711f8633aed4b077ea76a3c4d329ec687e7a1c02be35978ff
9c2fc94345cb107425b4eb959acb88b0086d9fd8b2b3982b95bfa86f36aa0320
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a22c538cafcf9490937689c55f40f26892939515c99dd25cfb33c0e04f748c7f
a23aea465cadef5f04d7982020be48dbfbfe6651df86543ff9465ca6ecfe84c2
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
a3f49cfabebb9462e08ebaf0af5f078392ea48152f6b4a3667a5c6c8b025eda4
a5580f18519ebd4d9a6acc8135532b915d2bb5677a83b8567fc970e4a97b573a
a70c4470df28a5dbf3d51a212d1d12433b7583fd2b3b6502ce714c6726cfc012
a87f4fd815fc95288f2da6efc536c950ef940bd9eb52176fd9e8e56107cc65e2
a912d238126caa2f01c7449e264e756eb395d2e379bd3d71df61351fd6aacefe
a9c2a6ffdcef18f4a7ce28d02bafe9ec525931a4d919b046df52f13ab7a61319
abd2a457215e60ab60b2a6b4f25a17583c5d80e13935f76e097236f729c5dcd6
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ade11d0b14b1cfb98bcc37875b55d09a498a697e24f520eb76701afdd8928223
af3d6b04b51759ab615d9b09b0674cc8087849b09dc857a572af983e9f62c3c4
afc02d5cf160664e3cf76fdf5c8595daff9deab1542c71919592982b055bec5f
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b7696a5ed68d182dd519f5a7aafe54ae14318769855fb363581ebeb39a4d4de8
b7f80ad4e6759fe2fd089ed1a3066a10fbc0d0e740655bdd0ff517234bb79942
b8116dc0be6d3934620bcdf3270de6b37e2e6bba229e7896cdb28ac80c00704e
b8ae015b0b76e15dd9946a1f3a4ce2ed3d7a3cf9420e617bfe34741bc657f9d8
b91788a0c72d3a52027909f2e1df0564ebd582a62dbdec211fe7cc5c491a14ae
b93de7d6f42a7dc726a339610ffe8d21b0aafadf4b2593b05aea0ee3fa3fd248
bf0e17523e8f57ccb02223b6e5adea462a5479afc4e79d9cbf80ca7f6186dc69
bf2d030e40d06be6ebc568ad4a185fe915573fdec86624975d5f9c38eab1ee2d
c18778f6b11083144eddc64bd02f3179e3684d5f3d703330e40647401c268530
c1c7f2f5d3b783bdc442a883c83237abfcbd440426589bdc913dc6f2e53f8c1e
c20164627645916e7eba943b7331e1bb17740beef5a3ce8595d929e256c8ceab
c379e2ec030ae5c8656f91f13391e6772b5501348eb35288c9e920fa768340bf
c3b1db424b9255c7eb1b3d8636cac300d1f5e58014a631c067d012ade7c40bec
c4e2af094917c2b1b85d3679f2ae7ca7ed50f4427cf320ad3dd731807e24dcf8
c62de18fac9ecbc24f12038f397458de2cffc21519b2187d43adc5973fc4533e
c7f2a667648f4b844f77e1db1ab95591280b302d689e67475850e86f16e0f55d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cacd8e4e72416d39edc5f812f9b2a4ae4f5c4a26eaaeeedd8e364126556f2bbd
cb1acd981299688eee42df64599a5a70eeec536996ee2e4aa2c7c36a55f1e3e4
cbcaf50acbed1b528bc0fd71b6e637a3508fd7365d2dca0590d6a00d31543bd0
cdf4dea20ba12b371d0e4decc6bb3a8beb3f67dbadec461e7e1b90662609240b
ce9196efb3ebaaf596f737ee958a2a4775cd1d63570253a96f6932267325a932
cec149c5d30ed7839696f0191cf5e6fc78b96673612ef4de4ed1fe459644deb8
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d1f66bdf33eb7f40a883d9571db4b219d538bf2216c6af873b5dccfb2054d951
d5bd922af68bb079234e37e3ba38ff2ca4db3ce7e23d8fedc1df46f60d37b915
d910437091c56144051002255f7f254107c53c06e0de38492a4aed56dc293d6c
dd37032266d875714bc2ea4ce6181c64377d139d7dd4564b7bc7426c95179066
de0f5de75752225e3f2f1900b0e1f708d80e83f5b60c3abba34d024c0e18760c
e148e9cbbd9ddc0157f58078b776400881afdda74c05e5b75815c260f38af28b
e16c24eae8d77d18cfc23b569a1b1b4aed66af1df932d8649e30f1c1cd9bde54
e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f
e34b4151f81a537467097e21d56ff8c2079f823bd6127ec700fe307ec2153428
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f985119be2c9729b139fcf3aa07d80607e79922b1fc731355145cbd888ec20
e59bb1c1a8eaa68f2848a1fbddd7c69f2c19ee03889f900c77eefdc69bd443dd
e5e738f2910f19ba4d12a117460379faa49f66661dd5ea7d66347dc21a14ef9e
e798f49c77aaba7132b330342adf1a35ff7dd952473ad329beba9a3d60962c94
e7c3c23dfaa14b5b2ffe097ae827a6d832ec04b8f1b54d7942c74a41dea6438f
eb7d23495a360a0fbbb45c436eb0219fffec389a900e6320ffa40fb1908af591
ec497fbc62eb2beef18d04815a41343513806d866b6a351c213ebcf2d4fe55c7
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ecc5654be8efbcc7918a742c688b5a766e61af569e5f1d1009cafc4d9c9a1338
ed1b380e036de59fea5b588c8b77e3f07988483dc0921b2d37bcbc8d1b1514e9
ed29b9a8658091a5d931c6e65d11783ae4414e1d13e565522202622c319e0dc0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a2a8eaac8e13cd86da62eaad075df76f1f56baf9e29fa57ab815d92257394
ef3f9b6aa52a911cde65d93f00f1811049e8ca7bc01e5e99a8f3f4d17c1c8bf1
ef4cac106591d884953b17d04478eb863b4f6b94b233a768b0459c803f5360c8
f0063a9280a4551c270f5439383b8e2a739081821777288dfa8c91d7c1da81e6
f0bf583bc1eee6c18b37dc0fccf185f595af80ec6db1be2dc1efc840e0e259d6
f1ebeb0dc171b344a46faf763ce2b3d425dfe22831ebdb3cd7f421993071948b
f2b0112894aebb887551cc82a618f8792c983f5f2b353771e37d6e1af4ce128d
f325b19690fea4c752eef3aa7fcdf5a8a28439de01e29640a71af03e72d2ea84
f3a099c39206a415ff991576f7454ec40908c4e73394af36deae16c3f5d34ff4
fa325cbd2532d75512e0f188e4a76af3d7af8abd891b733fea7ae2bf39aa41c1
fc159f07b81acd720040974f40fd632b00715cf636882b2aace9227d98dd4366
fcdcd258a0e3a1095a4c5edfd147c63f707762e5718adee7e1453d51d031375a
fe7d73f8dca21596a0f2b0f02cf50437153e924573994204f48fe09a89890853
fe8e1aa1d1154caa81c9a86669f899bdd92be36cd2141f7d9ab94e2b53a09d5c
ff90b55df39d73a961ce8eaed2359b99f06ae460e39b9e558af6a595abf1562e

www.pluspremieres.ch Open in urlscan Pro 2606:4700:30::681f:5f35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

226 Requests

100 %HTTPS

42 %IPv6

45 Domains

62 Subdomains

49 IPs

10 Countries

5288 kBTransfer

9097 kBSize

1 Cookies

22 Outgoing links

Page URL History

Redirected requests

226 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pluspremieres.ch Open in urlscan Pro
2606:4700:30::681f:5f35 Public Scan

Screenshot
Live screenshot

Full Image

226
Requests

100 %
HTTPS

42 %
IPv6

45
Domains

62
Subdomains

49
IPs

10
Countries

5288 kB
Transfer

9097 kB
Size

1
Cookies

226 HTTP transactions
3 data transactions