ch.fidanto.com Open in urlscan Pro
34.142.63.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Submission: On March 15 via manual (March 15th 2023, 10:37:32 pm UTC) from US — Scanned from GB

Summary HTTP 73 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 12 domains to perform 73 HTTP transactions. The main IP is 34.142.63.26, located in London, United Kingdom and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ch.fidanto.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 8th 2022. Valid for: a year.

This is the only time ch.fidanto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	34.142.63.26 34.142.63.26	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
9	95.211.66.34 95.211.66.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	13.225.31.77 13.225.31.77	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	52.222.247.205 52.222.247.205	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
73	19

16 34.142.63.26 (London, United Kingdom)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: mail-eu.fidanto.com

ch.fidanto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.211.66.34 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.31.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-31-77.cdg3.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.247.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-247-205.fra60.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1985 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	110 KB
16	fidanto.com ch.fidanto.com	364 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134 11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com	208 KB
10	clickiocdn.com s.clickiocdn.com — Cisco Umbrella Rank: 45527 clickiocdn.com — Cisco Umbrella Rank: 36487	168 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188	145 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 283 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 471	59 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	914 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8720	531 B
1	google.ca adservice.google.ca — Cisco Umbrella Rank: 13100	531 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	27 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2388	253 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	81 KB
73	12

	Domain	Requested by
16	ch.fidanto.com	ch.fidanto.com
14	fundingchoicesmessages.google.com	ch.fidanto.com
9	clickiocdn.com	s.clickiocdn.com
7	pagead2.googlesyndication.com	ch.fidanto.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	s.clickiocdn.com c.amazon-adsystem.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	partner.googleadservices.com	www.google.com pagead2.googlesyndication.com
2	www.google.com	ch.fidanto.com tpc.googlesyndication.com
1	11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	www.googletagservices.com	s.clickiocdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	s.clickiocdn.com	ch.fidanto.com
1	www.googletagmanager.com	ch.fidanto.com
73	19

This site contains links to these domains. Also see Links.

Domain
fidanto.com
www.facebook.com
www.linkedin.com
clickio.com

Subject Issuer	Validity	Valid
*.fidanto.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-08` - `2023-08-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
s.clickiocdn.com R3	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
adlmerge.com R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google.ca GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Frame ID: 6487D3A8ADDFC74150539F89D87A2987
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/zrt_lookup.html
Frame ID: A403FE3E8E4936E49ABBBBD65BECA6F2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&adk=1812271804&adf=3025194257&lmt=1678919848&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848050&bpp=5&bdt=372&idt=322&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8394675603344&frm=20&pv=2&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=343
Frame ID: CB591A5F92431F85821D72995E077446
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&h=280&slotname=6420452047&adk=304266974&adf=4106258812&pi=t.ma~as.6420452047&w=413&fwrn=4&fwrnh=100&lmt=1678919848&rafmt=1&format=413x280&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848055&bpp=2&bdt=376&idt=345&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8394675603344&frm=20&pv=1&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=156&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IYSW85mNuJ&p=https%3A//ch.fidanto.com&dtd=351
Frame ID: CBBB6D47347ACE6572794F6BE8F895CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&h=280&slotname=8998475933&adk=916995485&adf=175616407&pi=t.ma~as.8998475933&w=817&fwrn=4&fwrnh=100&lmt=1678919848&rafmt=1&format=817x280&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848057&bpp=1&bdt=378&idt=362&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C413x280&nras=1&correlator=8394675603344&frm=20&pv=1&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1JSQqyvOGx&p=https%3A//ch.fidanto.com&dtd=366
Frame ID: 84C1BD04316F8A59F85F65103F1DCA77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6AAAA5D6824A10802F2D25B0C25DD43
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 557BE88D6EA9341F46858E71A7117339
Requests: 2 HTTP requests in this frame

Frame: https://11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EB816357594D418AC2B251E04B438088
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Manpower - BauführerIn / technische LeiterIn 80–100% (w/m) in Bern

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

73
Requests

100 %
HTTPS

72 %
IPv6

12
Domains

19
Subdomains

19
IPs

4
Countries

1165 kB
Transfer

2988 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://fidanto.com/avisos/terms-use.php
Title: Nutzungsbedingungen

Search URL Search Domain Scan URL

URL: https://fidanto.com/avisos/privacy-policy.php
Title: Datenschutzrichtlinien

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fidantoads

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/64676341/admin/

Search URL Search Domain Scan URL

URL: https://clickio.com/?utm_source=ch.fidanto.com&utm_medium=banner_ad&utm_campaign=hor_sticky_desktop_ch.fidanto.com
Title: Ads by

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374 Show response
ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/ 107 KB
23 KB 203ms
71ms Document
text/html 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 24a2bf35c3d7dab503c10c619d5849384772e5f935115e75530d1347b84e737d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-length: 23325
content-type: text/html; charset=UTF-8
date: Wed, 15 Mar 2023 22:37:27 GMT
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
81 KB 186ms
71ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XBG0V08G1N

Requested by

Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

645f2b6e237d2a8227136139f4b40b50a0867e96352c4254b3294fd302d8b8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82973
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 Mar 2023 22:37:27 GMT

GET
H2 200 bootstrap.min.css
ch.fidanto.com/libraries/bootstrap-5.2.2-dist/css/ 190 KB
27 KB 62ms
62ms Stylesheet
text/css 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.fidanto.com/libraries/bootstrap-5.2.2-dist/css/bootstrap.min.css
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:31:17 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "2f955-5ee8dc0dc0f40-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27518
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 custom.css
ch.fidanto.com/resources/ 3 KB
1 KB 68ms
67ms Stylesheet
text/css 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.fidanto.com/resources/custom.css?v=1678919847
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: fa16b5d9d99736d81797ec7acb624eed8578e6bee226a21782df186db08e9562

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 19:04:08 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "c20-5f393ff07da00-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1175
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 pub-0395552592979143 Show response
fundingchoicesmessages.google.com/b/ 10 KB
6 KB 193ms
70ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/b/pub-0395552592979143

Requested by

Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aabba2532b07741f633d4af2996d99d9ee04905cb5192760f6536af1c36a1bc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ObyFSbrtrpyAjkwduDpX-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ObyFSbrtrpyAjkwduDpX-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
www.google.com/adsense/search/ 140 KB
52 KB 190ms
69ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/search/ads.js

Requested by

Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cee20fd2a5e2f86f36423ce75f6070e825e28f798b0dc979a70f396c7893d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "4112427034919293123"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
expires: Wed, 15 Mar 2023 22:37:27 GMT

GET
H2 200 fidanto_logo.webp
ch.fidanto.com/resources/images/ 3 KB
3 KB 68ms
67ms Image
image/webp 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch.fidanto.com/resources/images/fidanto_logo.webp
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 39ff1da361a42b3d750b4de7b8b288f374bef957a84f46dafdccd07e5da14234

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:18 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "da6-5effc2075806c"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3494
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 logo100x100.png
ch.fidanto.com/resources/images/ 5 KB
5 KB 67ms
66ms Image
image/png 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch.fidanto.com/resources/images/logo100x100.png
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 35dce9895c456bea83be2fb985a9baa444b975a71bce58d0887b7bafeac8710a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:18 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "13a2-5effc206989a8"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5026
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 icon_facebook.webp
ch.fidanto.com/resources/images/ 422 B
493 B 67ms
66ms Image
image/webp 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch.fidanto.com/resources/images/icon_facebook.webp
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: ed93bb876b8d90637836406cfd761d8c6e656a1bbb70eccd83c81a0332dc64da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:17 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "1a6-5effc20634025"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 422
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 icon_twitter.webp
ch.fidanto.com/resources/images/ 266 B
338 B 66ms
65ms Image
image/webp 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch.fidanto.com/resources/images/icon_twitter.webp
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 1bffa4ca3450e2252481e59d9f5f8102be677c71bf34391bfd53dd146d88774a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:19 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "10a-5effc2079a703"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 266
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 icon_linkedin.webp
ch.fidanto.com/resources/images/ 200 B
270 B 66ms
65ms Image
image/webp 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch.fidanto.com/resources/images/icon_linkedin.webp
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 67925ae4c202198a2210e24bb163a9a536f335b30212d96be2bf10aa276dbe29

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:18 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "c8-5effc2072c13c"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 200
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 user.webp
ch.fidanto.com/resources/images/ 354 B
426 B 56ms
56ms Image
image/webp 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch.fidanto.com/resources/images/user.webp
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 4c39747cab4943179d2d9bcdf41e50df3e2df7bab112bbd70a8723a97c84a707

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:16 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "162-5effc20581486"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 354
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 facebook-footer.webp
ch.fidanto.com/resources/images/ 100 B
147 B 78ms
77ms Image
image/webp 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch.fidanto.com/resources/images/facebook-footer.webp
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 8e0026163657cecc9718ff4a1e925a4d44f15f791013efbcc30a4e30b8c4ae3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:17 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "64-5effc2058ef4b"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 100
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 linkedin-footer.webp
ch.fidanto.com/resources/images/ 152 B
199 B 78ms
77ms Image
image/webp 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch.fidanto.com/resources/images/linkedin-footer.webp
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 72996357cf647d3e794d1c71ef61e68353ac0b1c1f29d20c4e237b4fea770200

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:17 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "98-5effc205efa4d"
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 152
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 209ms
82ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0395552592979143

Requested by

Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f223e99e1685905fb8a4502d9d72c4870b24a568fef1c7dd51aeeee7fd6032f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
Origin: https://ch.fidanto.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48561
x-xss-protection: 0
server: cafe
etag: 13180854925194589025
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:37:27 GMT

GET
H2 200 360_light.js Show response
s.clickiocdn.com/t/227250/ 441 KB
167 KB 224ms
49ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/227250/360_light.js
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 7513e90bb4f62623e0ab1b647bd50483bcdc772faa3e7c628b1fd9f85a85ec98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: gzip
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=300
expires: Wed, 15 Mar 2023 22:42:27 GMT

GET
H2 200 pub-0395552592979143 Show response
fundingchoicesmessages.google.com/i/ 126 KB
43 KB 201ms
93ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/pub-0395552592979143?ers=1

Requested by

Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8febcb6d069d5a22f5bf9dfd271faedead308d9c118bbc71d0fb85fdfba2fa62

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GK-HT7Lug4xn4HJwuCNznA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-GK-HT7Lug4xn4HJwuCNznA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingWebSwitchboardHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 custom.js Show response
ch.fidanto.com/resources/ 27 KB
6 KB 62ms
62ms Script
text/javascript 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.fidanto.com/resources/custom.js?v=1678919847
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 7d244994fc1ca485493697e19e0080de940283e457cfbbf094180848bb5f42a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 10:44:55 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "6b6c-5f6ee08dea761-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6019
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
ch.fidanto.com/libraries/bootstrap-5.2.2-dist/js/ 79 KB
23 KB 63ms
63ms Script
text/javascript 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.fidanto.com/libraries/bootstrap-5.2.2-dist/js/bootstrap.bundle.min.js
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 20:31:27 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "13a70-5ee8dc174a5c0-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23324
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 job-detail.js Show response
ch.fidanto.com/resources/ 7 KB
2 KB 58ms
58ms Script
text/javascript 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.fidanto.com/resources/job-detail.js?time=1678919847
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: b8210134300377e56db7b3eb509bce67c45a0baab92c396b47b246d7232d92ae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 22:08:33 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "1a8c-5f6f795bb7a40-gzip"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1771
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
H2 200 Nunito-VariableFont_wght.ttf
ch.fidanto.com/resources/fonts/Nunito/ 269 KB
271 KB 56ms
56ms Font
font/ttf 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.fidanto.com/resources/fonts/Nunito/Nunito-VariableFont_wght.ttf
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/resources/custom.css?v=1678919847
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: a51464dfe4b8e7a768c8e14bbfdd8dbbd20d403970827a5bfd4eed5ecf79b297

Request headers

Referer: https://ch.fidanto.com/resources/custom.css?v=1678919847
Origin: https://ch.fidanto.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:27 GMT
last-modified: Sat, 17 Dec 2022 01:37:16 GMT
server: Apache/2.4.52 (Ubuntu)
etag: "434bc-5effc204c1dc3"
content-type: font/ttf
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 275644
expires: Fri, 14 Apr 2023 22:37:27 GMT

GET
DATA 200
OK truncated
/ 281 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949aeae32555f7b3778cc85d65c4bf7b0135edd78f70bfb791efe6932276337d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 AGSKWxX-aTuiuIvyaIUaoftnaMZ2865hg2K1a4ThpH8-klH1QEa1Ed3Rv6trC4IcOnC6011glvV8bz30GJBficn06Va4hg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 176ms
67ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX-aTuiuIvyaIUaoftnaMZ2865hg2K1a4ThpH8-klH1QEa1Ed3Rv6trC4IcOnC6011glvV8bz30GJBficn06Va4hg==

Requested by

Host: ch.fidanto.com
URL: https://ch.fidanto.com/arbeitsplatze/stellenangebote/mar-2023/baufuhrerin-technische-leiterin-80100-wm-in-bern-951832374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aujLpKH4Bro91vgWw5TxzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-aujLpKH4Bro91vgWw5TxzQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ch.fidanto.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 185ms
64ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XBG0V08G1N&gtm=45je33d0&_p=1662156530&cid=2113481275.1678919848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678919848&sct=1&seg=0&dl=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&dt=Manpower%20-%20Bauf%C3%BChrerIn%20%2F%20technische%20LeiterIn%2080%E2%80%93100%25%20(w%2Fm)%20in%20Bern&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XBG0V08G1N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 22:37:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ch.fidanto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 362 B
591 B 244ms
65ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ch.fidanto.com&client=partner-pub-0395552592979143&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/search/ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5b2f82490f24578dd392267b2b8a159baf146e93128d07d3f66f52263e60218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0

GET
H2 200 AGSKWxW1GgyF1ryzTW9GvMm_8CbNcoDWk8AKruoxscLmMPN9atTjg9mBy5HC5COxb4og4K-9GhV_p3rtrSxtJMlPdl8= Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 96ms
96ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW1GgyF1ryzTW9GvMm_8CbNcoDWk8AKruoxscLmMPN9atTjg9mBy5HC5COxb4og4K-9GhV_p3rtrSxtJMlPdl8=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4OTE5ODQ4LDM2MDAwMDAwXSwiQUU3OTM4RUMtMTUyNC00REFCLUE5MDEtRDkyRjlDNkE5QUZCIixudWxsLG51bGwsW251bGwsWzddLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCx0cnVlLHRydWVdLCJodHRwczovL2NoLmZpZGFudG8uY29tL2FyYmVpdHNwbGF0emUvc3RlbGxlbmFuZ2Vib3RlL21hci0yMDIzL2JhdWZ1aHJlcmluLXRlY2huaXNjaGUtbGVpdGVyaW4tODAxMDAtd20taW4tYmVybi05NTE4MzIzNzQiLG51bGwsW1s4LCJpM2xaUUNtZTR4OCJdLFs5LCJlbi1HQiJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdLFsxNywiW2ZhbHNlXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.i3lZQCme4x8.es5.O/d=1/rs=AJlcJMzVsfZj4_82BkKsGeXqHADpMjA9TA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fcc55a7337cb59740ca8f1634ff3ba3bd9f7f81bda1cd98c2cd39e0109df5b60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9NQEGXV9d1qukW5q4L-Iag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-9NQEGXV9d1qukW5q4L-Iag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/ 365 KB
121 KB 197ms
88ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0395552592979143

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7c13db18e003c4573e82b1e2a419a34ecb921ebe873cddc81aad7c53770c5f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123388
x-xss-protection: 0
server: cafe
etag: 1396169980412954168
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:37:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/ Frame A403 10 KB
5 KB 174ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-0395552592979143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 4794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 21:17:34 GMT
etag: 2378337311435320485
expires: Wed, 29 Mar 2023 21:17:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 193ms
64ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e10bc86eb0589ef26eb47d966ad7b9caa85b7eb5ace3bb013ebf2ed2cbd75f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27375
x-xss-protection: 0
server: sffe
etag: "1512 / 36 of 1000 / last-modified: 1678918158"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Mar 2023 22:37:28 GMT

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 46 B
175 B 169ms
52ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_07mrth0i0w2o82c9&rt=984812826&site_id=227250&title=Manpower%20-%20Bauf%C3%BChrerIn%20%2F%20technische%20LeiterIn%2080%E2%80%93100%25%20(w%2Fm)%20in%20Bern&l=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ba1b3510f13b486e138ab1215ac4334a9da5e06584e69136a219317c54ab70d5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 222 KB
55 KB 196ms
56ms Script
application/javascript 13.225.31.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.31.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-31-77.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:19:40 GMT
content-encoding: gzip
via: 1.1 9503482155e233e99173b53da4a996fe.cloudfront.net (CloudFront), 1.1 85d2219c335742c82e7bf84433bc3256.cloudfront.net (CloudFront)
last-modified: Wed, 15 Mar 2023 20:24:51 GMT
server: AmazonS3
x-amz-cf-pop: LHR62-C4, CDG3-C2
age: 1069
x-amz-server-side-encryption: AES256
etag: W/"a7e0149ce78dcfe46a1b0656ebdcc903"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: S8jCXnUg-NDY1k-KAKst3t4HNfMqRK2VQxMWzpmRVZ8bO9gZWMaYLQ==

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
210 B 128ms
52ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=kycq07xyogqxldq984812194&area_id=702091&type=base&f=__lxG__.tmp.rot_ln9x63lbdst1vf0b&rt=984815284
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: fe226c87aaa92b3dd532d54d0baf16df33b68924a8dd47e8458ab6f3be2b0fc4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
209 B 127ms
51ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=kycq07xyogqxldq984812194&area_id=702415&type=dfp&f=__lxG__.tmp.rot_ln9x63lbdst1vf0b&rt=984815249
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 2cd0a4887dc265775f7b8f9ce799efea02df493104d659c6b213c694f7fb0eb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
323 B 66ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ch.fidanto.com&callback=_gfp_s_&client=ca-pub-0395552592979143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f31a961b8ca02898863723f115e7669100411be1a9e10c0a3e1926a39154cc26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
531 B 201ms
65ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=ch.fidanto.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 186ms
64ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ch.fidanto.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB59 10 KB
5 KB 228ms
227ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&adk=1812271804&adf=3025194257&lmt=1678919848&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848050&bpp=5&bdt=372&idt=322&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8394675603344&frm=20&pv=2&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=343

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7e0cd9a7abec1001743525cb14d0509fa9af3904c1f64ba17c9dd20c1abe14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4567
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 22:37:28 GMT
expires: Wed, 15 Mar 2023 22:37:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CBBB 436 B
377 B 321ms
321ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&h=280&slotname=6420452047&adk=304266974&adf=4106258812&pi=t.ma~as.6420452047&w=413&fwrn=4&fwrnh=100&lmt=1678919848&rafmt=1&format=413x280&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848055&bpp=2&bdt=376&idt=345&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8394675603344&frm=20&pv=1&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=156&ady=366&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IYSW85mNuJ&p=https%3A//ch.fidanto.com&dtd=351

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

265d8f48c291907c63d7a0c25641638f64e405e0f03cc3e59b5976006bb5c24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 22:37:28 GMT
expires: Wed, 15 Mar 2023 22:37:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_2023030901.js Show response
securepubads.g.doubleclick.net/gpt/ 395 KB
134 KB 208ms
56ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:32:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136293
x-xss-protection: 0
last-modified: Thu, 09 Mar 2023 09:39:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Mar 2024 18:32:03 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 111 B
620 B 209ms
64ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ch.fidanto.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c721a466fc8bc97cf6db3fdac71584d63642bdf7de485c69815e64b25439d6eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
x-xss-protection: 0
expires: Wed, 15 Mar 2023 22:37:28 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 84C1 436 B
380 B 303ms
302ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0395552592979143&output=html&h=280&slotname=8998475933&adk=916995485&adf=175616407&pi=t.ma~as.8998475933&w=817&fwrn=4&fwrnh=100&lmt=1678919848&rafmt=1&format=817x280&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678919848057&bpp=1&bdt=378&idt=362&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C413x280&nras=1&correlator=8394675603344&frm=20&pv=1&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=610&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44777876%2C44759837%2C31071756%2C31072953%2C44774292&oid=2&pvsid=4178492500422697&tmod=745456525&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=1JSQqyvOGx&p=https%3A//ch.fidanto.com&dtd=366

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4548fb79ae67af4420e8da68f80c8973eccc7b49f167260b43e2ead39c6ca6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 22:37:28 GMT
expires: Wed, 15 Mar 2023 22:37:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
308 B 63ms
62ms XHR
text/plain 13.225.31.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fch.fidanto.com&pubid=04013c9e-1356-42d0-86b7-40a716af3f50
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.31.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-31-77.cdg3.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 21:47:16 GMT
via: 1.1 85d2219c335742c82e7bf84433bc3256.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG3-C2
age: 3012
x-cache: Hit from cloudfront
access-control-allow-origin: https://ch.fidanto.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: KxHIhhX1XeI6TMNheveQwOjZAK2iu7mpWpcxke2NEmXFUQ0cYm42pg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 157ms
53ms XHR
application/javascript 13.225.31.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.31.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-31-77.cdg3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 06:21:25 GMT
x-amz-version-id: XEGmc9MeWOPeqjC.bMBvPzs7I4WH7xPz
content-encoding: gzip
via: 1.1 0b0cf39231f2e8a928723d3a28df13cc.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG3-C2
age: 58564
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Mar 2023 23:20:46 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: yBXnPrj1X_gqn20kvDCDKWFUOKnAqrrNVfW6aoUVxp2zHO3uYdTWsg==

POST
H2 200 profileMessages.php Show response
ch.fidanto.com/api/ 47 B
115 B 57ms
57ms Fetch
application/json 34.142.63.26
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ch.fidanto.com/api/profileMessages.php
Requested by: Host: ch.fidanto.com
URL: https://ch.fidanto.com/resources/custom.js?v=1678919847
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.142.63.26 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: mail-eu.fidanto.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: 756b3ff75bbd23541534b5ab0922e5ca8116574b1f030ea410e097a3b4863f52

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

content-type: application/json; charset=utf-8
date: Wed, 15 Mar 2023 22:37:28 GMT
server: Apache/2.4.52 (Ubuntu)

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 74ms
73ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230313&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

303232489ecefb0409266262349dd6b4f2afae412bb6a8eb970d771eb4c00da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11237
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 187ms
65ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 22:37:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6AA 13 KB
5 KB 55ms
53ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 22:01:04 GMT
expires: Thu, 14 Mar 2024 22:01:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 557B 783 B
957 B 96ms
96ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22c04ff48a8428b045facfe740621b50f02a96009bec66f5eceb9217788f2cec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xCXJJD20jSlG8-dpimYVuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ch.fidanto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-xCXJJD20jSlG8-dpimYVuw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 22:37:29 GMT
expires: Wed, 15 Mar 2023 22:37:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js Show response
pagead2.googlesyndication.com/bg/ Frame A6AA 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9DoG2UqGQ_hj5gfOHn4oyjEZInin2z3VqHqE5UOquhE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 13:23:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 13:23:59 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
69 B 73ms
72ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.18127396308916888

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L9oBpWuBd8DvSu09eiE2SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-L9oBpWuBd8DvSu09eiE2SQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorServingDetectionHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorServingDetectionHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingDetectionHttp/external"}]}
content-type: image/gif
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 110ms
110ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.16756169369620166

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2CylymWJhX7l6Z5h5uXFEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-2CylymWJhX7l6Z5h5uXFEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 557B 0
0 88ms
87ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230313&jk=4178492500422697&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A6AA 0
10 B 57ms
56ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uNy4hQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 68ms
68ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_kF2eY5_bC_qBNBcakt2zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_kF2eY5_bC_qBNBcakt2zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ch.fidanto.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/utr/logst_st/c2lkPX4yMjcyNTAmYWN0PTM2MGx+Y21ufnNfY2RuXzEmdXJsPX5jaC5maWRhbnRvLmNvbSZ2Y250PTMmX2Y9X19seEdfXy50bXAubG9nc3RfdG43cDB4eHMza25uemFxOA/ 38 B
206 B 51ms
50ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_st/c2lkPX4yMjcyNTAmYWN0PTM2MGx+Y21ufnNfY2RuXzEmdXJsPX5jaC5maWRhbnRvLmNvbSZ2Y250PTMmX2Y9X19seEdfXy50bXAubG9nc3RfdG43cDB4eHMza25uemFxOA/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 6a0d547d5aa68f7daadf36ede5bde7e5193e9b2a519e947821b7be326638bd54

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Mar 2023 22:37:29 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD03MDIwODh+NzA0Mzk1fjcxMDUyN343MTA1MjZ+NzEwNTI1fjcwMzEzNH43MDMxMzN+Njk3OTA1fjY5NzkwNH42OTc5MTF+Njk3OTA5fjY5NzkxMH42OTc5MDh+NzAyMDkxfjcwMjQxNX4tfjY5Nzg5OH42OTc4OTZ+N... 38 B
206 B 52ms
51ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD03MDIwODh+NzA0Mzk1fjcxMDUyN343MTA1MjZ+NzEwNTI1fjcwMzEzNH43MDMxMzN+Njk3OTA1fjY5NzkwNH42OTc5MTF+Njk3OTA5fjY5NzkxMH42OTc5MDh+NzAyMDkxfjcwMjQxNX4tfjY5Nzg5OH42OTc4OTZ+Njk3OTAwfjY5NzkwNn43MDI0MTV+LX43MDIwOTF+NzAyNDE1JnNzaWQ9fjEmYWN0PWRldl90YXJnX3JlbX4tfi1+LX4tfi1+LX4tfi1+LX4tfi1+LX5mbmRfb25fcGd+aHNfY2Jfc2h3fnJ0cl92YXJfY2hzbn4tfi1+LX4tfnJ0cl92YXJfaW5zdGFsbH5zbG90X2luX3BnfnRnbF9zXzB+dGdsX3NfMV9kZnAmcGx0Zj1+MCZ1cmw9fmNoLmZpZGFudG8uY29tJnZjbnQ9MjQmX2Y9X19seEdfXy50bXAubG9nc3RfenB6ZWdtb2ZxODBtN2RibA/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 7093b09dc9ce5bbc1adf7e4cbbe1df2073d0ec34064d85f9be1391254ec1e7c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Mar 2023 22:37:29 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230313&jk=4178492500422697&bg=!xsWlxZHNAAZKh9k7aoc7ADkAdvg8Wu6m1QAH6yLzgWwM1eZ9QIa0ssmX8qkLgp1mRTqX_JmKsmhj9UAa-BQ4VcyypX6ObYWWYxcCAAAATlIAAAAIaAEHCgAaoidYt_J6BIKinGXiRNFpUW3ZbTyjNikn7ZWZAq7N4nE4lg0E1RMXLA6isKzd3Xz8l7be__sIOUtBSGzjbtD2q_IjcoJXzLUeNFAKOQAeEmotVn6BTzP1RiE8hIv4Z9UesmsaOfun2NH2JIh5X9dGn-x5GGO1zvpmLlcjlmMZBBwQfiOJnTIdYDz2nvdkCYjzW9tMSVBcUhJGETG1He1nif5QfhRfcGSACTrcLmLZysG4E8iPrgYWzjL4q77Li-RqJPI3lcH9oxRvzNP7aNqlLJujRh56bUhltS1PbEZ86HVXqTM13taxqI6FwOTSuB4Icdu-yH3acCxxTYg4wQKMqui6GCmzoD7FmX1gv2iCYrnszu4IRql8kWPYy2nQs6Xp7mnYkA6Xc1-1w9Qi5isIkxwR-Vc9irbx9GPS6o7pRhioD9w2M3_Hh1tiAblHydcpZMgcWu2gI3QMvQrJiVWohs3POuB5w__wanPquBSWpkIP7LXAtTt0JS8_XTAxZuz22mJgkB4vgpADVTzr9pr4Vvfa80bis_uFwWq3FXty0DUQz-2K_4dcLKjevZ1x3_QdP6tg_aOe0xooIVqmFE3XTr-i_iwAKB64OaVcP0o9KPRQ0e4yGDYnSgoB2GAyqrzvJ-igyFb50UMcl5cO6ssO-Ing7JDtIRhf5hBR9NuW_kRH-J8Lp5NWxuz5lECBUrCvhSpIJ9TVxAPpMoZcx9dVT1llbe3CMzGk8U7DCgsqZ4kDwM4tumiZ0DqDKE1AzTY_4Dv0IgQ7ITEZndtMoM1eLMH3UDnh-9z1VyK2MLpfnPVdPc3IFjkpnV1jxWHZNL8lxW-GBR3EAP-2h6CWsrmocFgSNnAPyMmbMpJDnmVOGg5UAwSC8IHo3P_rqYcbO1rOnR4osMZMhaMbCIbC9lZaqPp0jFdggoRjMDtZTiSHlliwClVgNuq2Wtajhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 adv Show response
fundingchoicesmessages.google.com/f/AGSKWxVCoL5igZV3jo8vmZG0mpfNQj6AQioxzoOakx-B7boIGEtJDGQ3QIlzKyKApuR2OtBDHUL6bAkO9PBc9Z3PU1LpJ2YIaZ3fcSmO-ptuWrxAFIaAoyh1Npi_1tac9NN-AJd78YuU28iqzdxdGZRRByzVbUhEy... 54 B
109 B 74ms
73ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVCoL5igZV3jo8vmZG0mpfNQj6AQioxzoOakx-B7boIGEtJDGQ3QIlzKyKApuR2OtBDHUL6bAkO9PBc9Z3PU1LpJ2YIaZ3fcSmO-ptuWrxAFIaAoyh1Npi_1tac9NN-AJd78YuU28iqzdxdGZRRByzVbUhEyJXZ-m6Iw-Ul-fpUVrQmX99UDrZUZtGB/_.com/adv?/ads/head./kskads./wedel_ad..cz/affil/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.i3lZQCme4x8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzVsfZj4_82BkKsGeXqHADpMjA9TA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

24cc21ba185a9f21c395270b6d8ebb1787c8cc7cd71d7e689b37dabf1d9fc0bb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WuEC11PWg0c8XaWz3fZlRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WuEC11PWg0c8XaWz3fZlRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 57ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.i3lZQCme4x8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzVsfZj4_82BkKsGeXqHADpMjA9TA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:37:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Mar 2023 00:37:41 GMT

POST
H3 204 AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 69ms
68ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UHqJmr9Ny1GKgxaUBtCMnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UHqJmr9Ny1GKgxaUBtCMnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ch.fidanto.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 84ms
83ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gU3UturJ6CDzlfmdyEBEKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gU3UturJ6CDzlfmdyEBEKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ch.fidanto.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 78ms
78ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5pxaDH4G6lG3mqyVNu3hMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-5pxaDH4G6lG3mqyVNu3hMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ch.fidanto.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 86ms
86ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUp3CJd5KVMj0C1KS2HewQuOnuJ5TUNqtQ72EI2DB9JPKe9hp9bZ3vgjbJqIxpQpWWO87zbclmHMShNDRSblsr1ZmLcNK3CKFJMN5EdAFvkVoNWZjPaJ8LUwkDRrzD9EUDrTVhkUA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A7s48i5_gXhTM-qh4wBAhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Mar 2023 22:37:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-A7s48i5_gXhTM-qh4wBAhA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ch.fidanto.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVAEFSr48yMeJD5ALdlQKxxgbxZhV7oT0x-vJXToZuKyg8F2LSdfj4UvmofFSK_e7sI-jj9FfYbtYtEQ34WN8xkrY6YcAkdInOoliV3WYbSkCQ1LBeUcypKeSgS_hDYLVyTlR4Rnw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 86ms
85ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVAEFSr48yMeJD5ALdlQKxxgbxZhV7oT0x-vJXToZuKyg8F2LSdfj4UvmofFSK_e7sI-jj9FfYbtYtEQ34WN8xkrY6YcAkdInOoliV3WYbSkCQ1LBeUcypKeSgS_hDYLVyTlR4Rnw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjc4OTE5ODQ5LDk1ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vY2guZmlkYW50by5jb20vYXJiZWl0c3BsYXR6ZS9zdGVsbGVuYW5nZWJvdGUvbWFyLTIwMjMvYmF1ZnVocmVyaW4tdGVjaG5pc2NoZS1sZWl0ZXJpbi04MDEwMC13bS1pbi1iZXJuLTk1MTgzMjM3NCIsbnVsbCxbWzgsImkzbFpRQ21lNHg4Il0sWzksImVuLUdCIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl0sWzE3LCJbZmFsc2VdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1398e06c1ab609631c9359ac9f18ec00e10395a4ffca32937073e1608a6794ba

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QhEOlEy-_VuaXGh4xh0bvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-QhEOlEy-_VuaXGh4xh0bvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU0sbmo1NC8-WWlziICdadrsjtxEks6A2KLfByNoCzIbWxVajjM1wJOWtwTrAZgA6JD0zYB9uMNbu6rQjRSQKD5_6iT80f3OUruL1H3Vh3-M0aact5gChyqt9hBQYs0rvL8qhIEvw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 102ms
101ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU0sbmo1NC8-WWlziICdadrsjtxEks6A2KLfByNoCzIbWxVajjM1wJOWtwTrAZgA6JD0zYB9uMNbu6rQjRSQKD5_6iT80f3OUruL1H3Vh3-M0aact5gChyqt9hBQYs0rvL8qhIEvw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_7BA6sXiRlcNfDsQfVprNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 15 Mar 2023 22:37:30 GMT
content-security-policy: script-src 'report-sample' 'nonce-_7BA6sXiRlcNfDsQfVprNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ch.fidanto.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
463 B 299ms
98ms XHR
text/javascript 52.222.247.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&pid=VbxCqJ7zfKU7S&cb=0&ws=1600x1200&v=23.313.1233&t=900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-22815299042-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22980x120%22%2C%22980x90%22%5D%7D%5D&schain=1.0%2C1!clickio.com%2C150604%2C1%2C%2C%2C&pubid=04013c9e-1356-42d0-86b7-40a716af3f50&gdprl=%7B%22status%22%3A%22no-cmp%22%2C%22cmpTimeout%22%3A250%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.247.205 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-247-205.fra60.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:30 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P3
x-amz-rid: KGCZZERH36PA2VBK3XNJ
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://ch.fidanto.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: X1opEttOHGOiV3pGMN5SWMHWQ-p4Mo5WQqewlFwyRoVgrV8vrSCf4w==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 204ms
68ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ch.fidanto.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 66ms
64ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ch.fidanto.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 510 B
873 B 405ms
404ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4178492500422697&correlator=2483550599205410&eid=31070233%2C44777628&output=ldjh&gdfp_req=1&vrg=2023030901&ptt=17&impl=fif&iu_parts=45470634%3A7760362%2Cclickio_area_702415_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C980x120%7C980x90&ifi=4&adks=53457542&didk=953411875&sfv=1-0-40&prev_scp=autorefresh%3D30_sec%26unit_type%3Dsticky%26ar_imp%3D0%26clsid%3D227250%26claid%3D702415&cust_params=adm_lazy_load_dev%3D400x300d&sc=1&cookie=ID%3Dc773ab5be3936c92-22485d5c55dd000f%3AT%3D1678919848%3ART%3D1678919848%3AS%3DALNI_MYOtb9lykSHYXhL-XNHTv88mkPlpw&gpic=UID%3D00000bc692d6efc0%3AT%3D1678919848%3ART%3D1678919848%3AS%3DALNI_MZRb9BpSHK2hLaPfwkEGzpAGVN7TA&abxe=1&dt=1678919850543&lmt=1678919850&dlt=1678919847679&idt=1108&adxs=453&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fch.fidanto.com%2Farbeitsplatze%2Fstellenangebote%2Fmar-2023%2Fbaufuhrerin-technische-leiterin-80100-wm-in-bern-951832374&frm=20&vis=1&psz=761x-1&msz=728x-1&fws=512&ohw=0&ga_vid=2113481275.1678919848&ga_sid=1678919848&ga_hid=1662156530&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c123e00451e47e6fb5a431167e6808a8af22b4348757f4f1be7d907261af1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ch.fidanto.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EB81 6 KB
3 KB 254ms
92ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ch.fidanto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 22:37:30 GMT
expires: Thu, 14 Mar 2024 22:37:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
210 B 51ms
50ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=kycq07xyogqxldq984812194&area_id=702415&policy=ok&sub_id=1&f=__lxG__.tmp.rot_ln9x63lbdst1vf0b&rt=985056851
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: cce8a4185030b0bbfbfa18cdcd4c28b3c74aee1335fff12eae018149a04f08ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 22:37:30 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD1+NzAyNDE1JnNzaWQ9fjEmYWN0PWR5bl9wZ19wb3NfZnN+Z19ldl9zcmVuZH5nX2V2X3NyZW5kX2V+Z19ldl9zcmVuZF9lX2xsdl80MDB4MzAwZH5nX2V2X3NyZW5kX2xsdl80MDB4MzAwZH5nX2V2X3NyZXF+Z19ld... 38 B
206 B 52ms
51ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD1+NzAyNDE1JnNzaWQ9fjEmYWN0PWR5bl9wZ19wb3NfZnN+Z19ldl9zcmVuZH5nX2V2X3NyZW5kX2V+Z19ldl9zcmVuZF9lX2xsdl80MDB4MzAwZH5nX2V2X3NyZW5kX2xsdl80MDB4MzAwZH5nX2V2X3NyZXF+Z19ldl9zcmVxX2xsdl80MDB4MzAwZH5nX2V2X3NyZXNwfmdfZXZfc3Jlc3BfbGx2XzQwMHgzMDBkfnNsb3RfYWRtX3JlcGx5fnNsb3RfYWRtX3JlcGx5X2xsdl80MDB4MzAwZH5zbG90X2NhbGxfYWRtfnNsb3RfY2FsbF9hZG1fbGx2XzQwMHgzMDBkfnNsb3RfaGJfY2xsfnNsb3RfaGJfZW5kfnNsb3RfbGxfdmFyXzQwMHgzMDBkfnNsb3Rfcm5kcl9jbGx+c2xvdF9ybmRyZF9lbXB0fnNsb3Rfc3RheV9lbXB0fnRnbF9zXzJfb2t+dGdsX3NfMl9va19va351bml0X2hiX2NsbH51bml0X2hiX2VuZCZwbHRmPX4wJnVybD1+Y2guZmlkYW50by5jb20mdmNudD0yMyZfZj1fX2x4R19fLnRtcC5sb2dzdF82N2RrNjB5YmpreDJkMHF5/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 7e0ec89ff5d267f21441ad806b5bf885caf92e466c6b0f72d6924fcd9478f3e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Mar 2023 22:37:31 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_hb/c2lkPTIyNzI1MCZ1cmw9Y2guZmlkYW50by5jb20mcmVxPWFtYXpvbjo3MDI0MTUsMTo6cnViaWNvbjo3MDI0MTUsMTo6b3Blbng6NzAyNDE1LDE6OmNyaXRlbzo3MDI0MTUsMTo6aW1wcm92ZWRpZ2l0YWw6NzAyNDE1LDE6O... 38 B
206 B 52ms
51ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_hb/c2lkPTIyNzI1MCZ1cmw9Y2guZmlkYW50by5jb20mcmVxPWFtYXpvbjo3MDI0MTUsMTo6cnViaWNvbjo3MDI0MTUsMTo6b3Blbng6NzAyNDE1LDE6OmNyaXRlbzo3MDI0MTUsMTo6aW1wcm92ZWRpZ2l0YWw6NzAyNDE1LDE6OnNvdnJuOjcwMjQxNSwxOjphcHBuZXh1czo3MDI0MTUsMTo6YW14OjcwMjQxNSwxOjp0cmlwbGVsaWZ0OjcwMjQxNSwxJl9mPV9fbHhHX18udG1wLmxvZ3N0X3AxZGxnbGJjaW9mNmxlbTI/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/227250/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 3fdac90cedbae5028d4533aa75912b18fd84cf292a8ced03c67a2413364816d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Mar 2023 22:37:31 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 /
clickiocdn.com/utr/scmps/ 42 B
158 B 50ms
49ms Image
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickiocdn.com/utr/scmps/?rt=985112864&cmp=-1&api=-1&sid=227250&req=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ch.fidanto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Mar 2023 22:37:31 GMT
cache-control: no-cache
iseu: eu
server: nginx/1.16.0
content-length: 42
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fidanto.com/	1970-01-20 19:57:59	Name: _ga_XBG0V08G1N Value: GS1.1.1678919848.1.0.1678919848.0.0.0
.fidanto.com/	1970-01-20 19:57:59	Name: _ga Value: GA1.1.2113481275.1678919848
.fidanto.com/	1970-01-20 19:43:35	Name: __gsas Value: ID=6ba8d55cd717986e:T=1678919848:S=ALNI_Mb813tdSZA0KyFNGATqd9-TI4ItHw
.fidanto.com/	1970-01-20 19:43:35	Name: __gpi Value: UID=00000bc692d6efc0:T=1678919848:RT=1678919848:S=ALNI_MZRb9BpSHK2hLaPfwkEGzpAGVN7TA
.fidanto.com/	1970-01-20 19:07:35	Name: FCNEC Value: %5B%5B%22AKsRol9O6Z-L80CZDjnk4hqrZW6AH2SF2P3goSLCNTUAx7iXT6f0XgeOBLA3kg3FI26-KM5S72SUxtWje4hUP3U7H9czrpams6XNHvEF3BGOCsNUlt0fVSLnYi5iZ7C190d_qWVQdBvg8QyQC5oK9uA5LOfRDsEl9Q%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.doubleclick.net/	1970-01-20 19:57:59	Name: IDE Value: AHWqTUmm33j95t2gIj9lddihfPNRUsS93A2UAcHGe2mCNHfQVFACV-rLMTeRpCOn5iU
.fidanto.com/	1970-01-20 19:43:35	Name: __gads Value: ID=c773ab5be3936c92-22485d5c55dd000f:T=1678919848:S=ALNI_MYOtb9lykSHYXhL-XNHTv88mkPlpw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11077ec82b710058626374cb55b75b30.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
adservice.google.ca
adservice.google.com
adservice.google.de
c.amazon-adsystem.com
ch.fidanto.com
clickiocdn.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s.clickiocdn.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.225.31.77
2001:4860:4802:32::36
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
34.142.63.26
52.222.247.205
95.211.66.34
95.211.66.35
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c123e00451e47e6fb5a431167e6808a8af22b4348757f4f1be7d907261af1ef
0cee20fd2a5e2f86f36423ce75f6070e825e28f798b0dc979a70f396c7893d9a
1398e06c1ab609631c9359ac9f18ec00e10395a4ffca32937073e1608a6794ba
1bffa4ca3450e2252481e59d9f5f8102be677c71bf34391bfd53dd146d88774a
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a
22c04ff48a8428b045facfe740621b50f02a96009bec66f5eceb9217788f2cec
24a2bf35c3d7dab503c10c619d5849384772e5f935115e75530d1347b84e737d
24cc21ba185a9f21c395270b6d8ebb1787c8cc7cd71d7e689b37dabf1d9fc0bb
265d8f48c291907c63d7a0c25641638f64e405e0f03cc3e59b5976006bb5c24e
2940fc3e4be1c44c42429926fd8144235bee8fde8e590386bc0b8900482b82d2
2cd0a4887dc265775f7b8f9ce799efea02df493104d659c6b213c694f7fb0eb9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10bc86eb0589ef26eb47d966ad7b9caa85b7eb5ace3bb013ebf2ed2cbd75f3
2e2d56cece389641b16dea99088a149ade31ad4dd2a3864f501c729dac4543e0
303232489ecefb0409266262349dd6b4f2afae412bb6a8eb970d771eb4c00da7
35dce9895c456bea83be2fb985a9baa444b975a71bce58d0887b7bafeac8710a
39ff1da361a42b3d750b4de7b8b288f374bef957a84f46dafdccd07e5da14234
3fdac90cedbae5028d4533aa75912b18fd84cf292a8ced03c67a2413364816d7
4548fb79ae67af4420e8da68f80c8973eccc7b49f167260b43e2ead39c6ca6df
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4c39747cab4943179d2d9bcdf41e50df3e2df7bab112bbd70a8723a97c84a707
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645f2b6e237d2a8227136139f4b40b50a0867e96352c4254b3294fd302d8b8a7
67925ae4c202198a2210e24bb163a9a536f335b30212d96be2bf10aa276dbe29
6a0d547d5aa68f7daadf36ede5bde7e5193e9b2a519e947821b7be326638bd54
7093b09dc9ce5bbc1adf7e4cbbe1df2073d0ec34064d85f9be1391254ec1e7c1
72996357cf647d3e794d1c71ef61e68353ac0b1c1f29d20c4e237b4fea770200
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7513e90bb4f62623e0ab1b647bd50483bcdc772faa3e7c628b1fd9f85a85ec98
756b3ff75bbd23541534b5ab0922e5ca8116574b1f030ea410e097a3b4863f52
7d244994fc1ca485493697e19e0080de940283e457cfbbf094180848bb5f42a0
7e0ec89ff5d267f21441ad806b5bf885caf92e466c6b0f72d6924fcd9478f3e4
8aabba2532b07741f633d4af2996d99d9ee04905cb5192760f6536af1c36a1bc
8e0026163657cecc9718ff4a1e925a4d44f15f791013efbcc30a4e30b8c4ae3d
8febcb6d069d5a22f5bf9dfd271faedead308d9c118bbc71d0fb85fdfba2fa62
949aeae32555f7b3778cc85d65c4bf7b0135edd78f70bfb791efe6932276337d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51464dfe4b8e7a768c8e14bbfdd8dbbd20d403970827a5bfd4eed5ecf79b297
aa7e0cd9a7abec1001743525cb14d0509fa9af3904c1f64ba17c9dd20c1abe14
b8210134300377e56db7b3eb509bce67c45a0baab92c396b47b246d7232d92ae
ba1b3510f13b486e138ab1215ac4334a9da5e06584e69136a219317c54ab70d5
c4b2394a30fa0e4a23c6b308541353e20872a6fd765ed8fb70e6b402029deb00
c721a466fc8bc97cf6db3fdac71584d63642bdf7de485c69815e64b25439d6eb
c7c13db18e003c4573e82b1e2a419a34ecb921ebe873cddc81aad7c53770c5f4
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cce8a4185030b0bbfbfa18cdcd4c28b3c74aee1335fff12eae018149a04f08ed
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed93bb876b8d90637836406cfd761d8c6e656a1bbb70eccd83c81a0332dc64da
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f223e99e1685905fb8a4502d9d72c4870b24a568fef1c7dd51aeeee7fd6032f8
f31a961b8ca02898863723f115e7669100411be1a9e10c0a3e1926a39154cc26
f43a06d94a8643f863e607ce1e7e28ca31192278a7db3dd5a87a84e543aaba11
f5b2f82490f24578dd392267b2b8a159baf146e93128d07d3f66f52263e60218
fa16b5d9d99736d81797ec7acb624eed8578e6bee226a21782df186db08e9562
fcc55a7337cb59740ca8f1634ff3ba3bd9f7f81bda1cd98c2cd39e0109df5b60
fe226c87aaa92b3dd532d54d0baf16df33b68924a8dd47e8458ab6f3be2b0fc4

ch.fidanto.com Open in urlscan Pro 34.142.63.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

100 %HTTPS

72 %IPv6

12 Domains

19 Subdomains

19 IPs

4 Countries

1165 kBTransfer

2988 kBSize

7 Cookies

5 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ch.fidanto.com Open in urlscan Pro
34.142.63.26 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

72 %
IPv6

12
Domains

19
Subdomains

19
IPs

4
Countries

1165 kB
Transfer

2988 kB
Size

7
Cookies

73 HTTP transactions
1 data transactions