www.bonus.ch Open in urlscan Pro
212.40.8.229  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

• https://ad.doubleclick.net/ddm/trackimp/N1484119.291376BONUS.CH/B31575870.388435963;dc_trk_aid=579720090;dc_trk_cid=210192853;ord=988881740;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N1484119.291376BONUS.CH/B31575870.388435963;dc_pre=COKclMbk_YQDFVEciAkdZqkMrw;dc_trk_aid=579720090;dc_trk_cid=210192853;ord=988881740;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1

Request Chain 152

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcEmD0N1UB5YFyei9mcGlk&google_cver=1

Request Chain 153

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zfgv5dHM6GYAABtDAHiwoQAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcEmD0N1UB5YFyei9mcGlk&google_cver=1

Request Chain 154

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEN-qvH2hnA0mnXzsCLsirk4&google_cver=1

Request Chain 155

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIxODcyNzkyOTM1NDA1NTIx

Request Chain 167

• https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE_hQL011GSInsPIX5Zlrkg&google_cver=1&google_push=AXcoOmT5w5pm8urmbImlZR8wQ2QG2Rtp5fZXQZWAzaP2uq9-pqYPH86N271w9Y5Ycp9b25PMTkqObCqpSW6LY_kV1lGUkXlGK_2DIOhlZe4Zn1-C0rFDrrcHsLqw33Em-mtMfln2ei3VLWBELuhhtVpzZd-brw HTTP 302
• https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=72cfaa2b98552431&is_secure=true&networkId=14000&version=1&google_gid=CAESEE_hQL011GSInsPIX5Zlrkg&google_cver=1&google_push=AXcoOmT5w5pm8urmbImlZR8wQ2QG2Rtp5fZXQZWAzaP2uq9-pqYPH86N271w9Y5Ycp9b25PMTkqObCqpSW6LY_kV1lGUkXlGK_2DIOhlZe4Zn1-C0rFDrrcHsLqw33Em-mtMfln2ei3VLWBELuhhtVpzZd-brw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACpSyAHhzGSwMi8j8nAAAAAAA&expiration=1710850406&google_cver=1&is_secure=true&google_gid=CAESEE_hQL011GSInsPIX5Zlrkg&google_push=AXcoOmT5w5pm8urmbImlZR8wQ2QG2Rtp5fZXQZWAzaP2uq9-pqYPH86N271w9Y5Ycp9b25PMTkqObCqpSW6LY_kV1lGUkXlGK_2DIOhlZe4Zn1-C0rFDrrcHsLqw33Em-mtMfln2ei3VLWBELuhhtVpzZd-brw

Request Chain 168

• https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESELA6CZmkUA9igut_xOfjD-w&google_cver=1&google_push=AXcoOmRF4fhHP6IrgKm4163hpBBU7XBw3SAScz70EjutRQibxF7m3tVAwr4GkrsS25sKjLaIDCPZHiB-lHANWeU74w8chiGgpyYkbIgFfz4O_IRR_s3X_RGmdVIgfbyYQ2MsS00HJglgorIumSu8Qb6Dz6gXQA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELA6CZmkUA9igut_xOfjD-w&google_push=AXcoOmRF4fhHP6IrgKm4163hpBBU7XBw3SAScz70EjutRQibxF7m3tVAwr4GkrsS25sKjLaIDCPZHiB-lHANWeU74w8chiGgpyYkbIgFfz4O_IRR_s3X_RGmdVIgfbyYQ2MsS00HJglgorIumSu8Qb6Dz6gXQA

Request Chain 169

• https://um.simpli.fi/gp_match?google_gid=CAESEGUfyADNT_V2hz07-a0IAH0&google_cver=1&google_push=AXcoOmRkxJ_Vk8ZYQ3c-Y2bkcRlG9Um-kWRbaFjO5RuXjnDnvcGXItnbLl04sKInTMNeF1DuF2d9nGvMeebxoAqtHrPFkJNhideTPXR35VWIfsnymv0qAFUevNtoDQU8VWxBQzKu4-swQkgi7Da3IF-QIVRvlg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A83C288D5DE544439299D5A222051B8E&google_push=AXcoOmRkxJ_Vk8ZYQ3c-Y2bkcRlG9Um-kWRbaFjO5RuXjnDnvcGXItnbLl04sKInTMNeF1DuF2d9nGvMeebxoAqtHrPFkJNhideTPXR35VWIfsnymv0qAFUevNtoDQU8VWxBQzKu4-swQkgi7Da3IF-QIVRvlg

Request Chain 170

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN04EUzlXGvKDCV2pvNfgls&google_cver=1&google_push=AXcoOmTHVI2r_1ZI3nZ_S8xS3RcGeePsyixFwGJCl8c2MUaNdufi9HYNlGfF-PXIFzHYr7d2SBZDHlrGjMXRtvpz1Gyd20fEWedK56IrBIlmMCmvmh63jJoGUVtdrZCv3VgMulTEAx0TQwfD0zkWyPoFvyY_ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTHVI2r_1ZI3nZ_S8xS3RcGeePsyixFwGJCl8c2MUaNdufi9HYNlGfF-PXIFzHYr7d2SBZDHlrGjMXRtvpz1Gyd20fEWedK56IrBIlmMCmvmh63jJoGUVtdrZCv3VgMulTEAx0TQwfD0zkWyPoFvyY_&google_hm=eS1oUGh1a294RTJwRTRlcEJ6TmxtU2J5Z3VKc1lzS2QxTH5B

Request Chain 172

• https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEK1RLav0vHMXIcXE3C3N_es&google_cver=1&google_push=AXcoOmSD6nhio08PBSZz-mnd-S1xqcPDIWGLYqWaUHAHoUJbBWpggz1jix4GjiyP7LsUBKn3EB8MNhzZr34jmUUSW0Nq-svKcrDh3qXil8VWP5xImscUJ5xgABBg0v63iyUREsAGQWqYrgesJY7m-hCgJhURUbQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSD6nhio08PBSZz-mnd-S1xqcPDIWGLYqWaUHAHoUJbBWpggz1jix4GjiyP7LsUBKn3EB8MNhzZr34jmUUSW0Nq-svKcrDh3qXil8VWP5xImscUJ5xgABBg0v63iyUREsAGQWqYrgesJY7m-hCgJhURUbQ&google_hm=7khlx5JUTRmcqO2FBoD0YIY

Request Chain 173

• https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMRl6ZqFtWjca6FZRySEb-o&google_cver=1&google_push=AXcoOmRMqUg8qz3bLFnI9i2zfg84SsK6ouLRQSI9cEzFGJnnyYuwGcLPvVpSfBQ_lwuVpJ37sWU0PYFowNIMaRifCZblE1MhBHuHkxNXbRt-NPz4GESFLqCp0OE2Is1LSqlQgXTA8NusO5VxvbJk0WN8byslBg HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWE0ODBlOWQtZjMyYS00M2ZkLTg0NWYtOWViMTYwNWFmNDk4&google_push=AXcoOmRMqUg8qz3bLFnI9i2zfg84SsK6ouLRQSI9cEzFGJnnyYuwGcLPvVpSfBQ_lwuVpJ37sWU0PYFowNIMaRifCZblE1MhBHuHkxNXbRt-NPz4GESFLqCp0OE2Is1LSqlQgXTA8NusO5VxvbJk0WN8byslBg HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 177

• https://fw.adsafeprotected.com/rfw/st/1608565/73384177/4.js?bundleId=${BUNDLE_ID}&bidurl=https://www.bonus.ch/&adContainerId=brand_safety_5S_4ZdX-KuDJnboP5K6lsAs&cbFunctionName=goog_wrapCb_5S_4ZdX-KuDJnboP5K6lsAs&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.bonus.ch&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.bonus.ch%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-5536509703773744%26output%3Dhtml%26h%3D250%26slotname%3D1301303001%26adk%3D1630190559%26adf%3D3173046728%26pi%3Dt.ma~as.1301303001%26w%3D300%26lmt%3D1710764004%26format%3D300x250%26url%3Dhttps%253A%252F%252Fwww.bonus.ch%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1710764004326%26bpp%3D4%26bdt%3D640%26idt%3D584%26shv%3Dr20240313%26mjsv%3Dm202403130201%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D29707d2b33e3c8ea%253AT%253D1710764002%253ART%253D1710764002%253AS%253DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg%26gpic%3DUID%253D00000dd371b7afdd%253AT%253D1710764002%253ART%253D1710764002%253AS%253DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w%26eo_id_str%3DID%253D70df5bff00e9cec7%253AT%253D1710764002%253ART%253D1710764002%253AS%253DAA-AfjZJf50v7LdPEULsF7YzPoX-%26correlator%3D7281490432736%26frm%3D23%26ife%3D4%26pv%3D2%26ga_vid%3D1723967549.1710764002%26ga_sid%3D1710764005%26ga_hid%3D445081681%26ga_fc%3D1%26nhd%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D908%26ady%3D1038%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D3069768381%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31081903%252C44795921%252C95325974%252C95327951%252C95327955%252C95325785%26oid%3D2%26pvsid%3D2390733360894535%26tmod%3D262377642%26uas%3D0%26nvt%3D1%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3D1.6vc65kpy1utg%26fsb%3D1%26dtd%3D603&adsafe_type=d&adsafe_jsinfo=,id:4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d,c:7gM3TD,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c9dcbdc6f-fgvbl,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:5,mot:0,app:0,maw:0,tdt:s,fm:u7nhqkZ+11%7C12%7C13%7C14%7C151*.1608565-73384177%7C1511%7C1512%7C1513%7C1514%7C16%7C1711%7C172%7C181%7C1821,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:33,oid:ec229eb2-e520-11ee-ad05-964f923470a9,v:19.8.489,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5S_4ZdX-KuDJnboP5K6lsAs&cbFunctionName=goog_wrapCb_5S_4ZdX-KuDJnboP5K6lsAs&true_pb=

236 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.bonus.ch/	67 KB 17 KB	780ms 269ms	Document text/html	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0 ASP.NET Resource Hash 9aa1b94b99e9931337df763b342bb8b552dab2d1550e12faac4c7762a0546c9f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Cache-Control private Content-Encoding gzip Content-Length 17112 Content-Type text/html; charset=utf-8 Date Mon, 18 Mar 2024 12:13:09 GMT P3P policyref="https://www.bonus.ch/BonusCh/W3C/p3p.xml", CP="CURi ADMi DEVi HISi OUR LEG DSP CAO COR" Server Microsoft-IIS/8.0 Vary Accept-Encoding X-AspNet-Version 4.0.30319 X-Powered-By UrlRewriter.NET 2.0.0 ASP.NET
GET H/1.1	200 OK	bns4-1.3.1.min.css www.bonus.ch/rdDist/css/	145 KB 24 KB	103ms 101ms	Stylesheet text/css	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash c0b91af520628c4f2a7e48b2564be32f041ad0fe7915c17c0b8d9bdab335562e Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Content-Encoding gzip Last-Modified Fri, 23 Jun 2023 09:27:45 GMT Server Microsoft-IIS/8.0 ETag "803e8cf7b4a5d91:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 24061
GET H/1.1	200 OK	tgmdl-0.1.2.min.js Show response www.bonus.ch/rdDist/js/	3 KB 1 KB	214ms 103ms	Script application/javascript	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/rdDist/js/tgmdl-0.1.2.min.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 37b112e4f854e0db1e02ee47a652003a25812a2e6d1dcc15aeafe9648910b9a9 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Content-Encoding gzip Last-Modified Thu, 27 Oct 2022 11:21:34 GMT Server Microsoft-IIS/8.0 ETag "0b33845f6e9d81:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 1160
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	87 KB 28 KB	716ms 81ms	Script text/javascript	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash da4c044726170e910b5ca165aeacfd188c1af62dfac06e1bcd03495f97309c66 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28665 x-xss-protection 0 server cafe etag 755 / 19800 / m202403140101 / config-hash: 12141679652853667310 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Mar 2024 12:13:22 GMT
GET H/1.1	200 OK	bonus-ch-Vergleich-v4.png www.bonus.ch/rdImg/Mdl/	6 KB 6 KB	400ms 199ms	Image image/png	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/rdImg/Mdl/bonus-ch-Vergleich-v4.png Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 77190bdd8fea24a9080cf5341608560ddf0e9acd7877811c28fc11ec6a9cc3df Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Last-Modified Mon, 30 Mar 2020 07:27:39 GMT Server Microsoft-IIS/8.0 ETag "80e7feb0646d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/png Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 5742
GET H/1.1	200 OK	f10.jpg www.bonus.ch/rdImg/Pers/	3 KB 3 KB	302ms 100ms	Image image/jpeg	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/rdImg/Pers/f10.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash eb105dc1a1f47cb0bc3d21134ff18ddaa5c39bd7092bb47f24014537c4728cec Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Last-Modified Fri, 17 Apr 2020 12:47:04 GMT Server Microsoft-IIS/8.0 ETag "37b3134cb614d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/jpeg Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 2640
GET H/1.1	200 OK	f15.jpg www.bonus.ch/rdImg/Pers/	3 KB 4 KB	108ms 105ms	Image image/jpeg	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/rdImg/Pers/f15.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash dcdb93ab9634db4cb1a6893fb39bc2cb5243c0c3ba42bcb7eb5341483a23fff1 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Last-Modified Fri, 17 Apr 2020 12:47:04 GMT Server Microsoft-IIS/8.0 ETag "d4ffdb4bb614d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/jpeg Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 3409
GET H/1.1	200 OK	m21.jpg www.bonus.ch/rdImg/Pers/	3 KB 3 KB	109ms 104ms	Image image/jpeg	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/rdImg/Pers/m21.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash c5c87320be128ac46b6299da5642cd03103296a1a5002e257b6e89500f4e0c12 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Last-Modified Fri, 17 Apr 2020 12:47:49 GMT Server Microsoft-IIS/8.0 ETag "f029766b614d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/jpeg Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 2680
GET H/1.1	200 OK	f14.jpg www.bonus.ch/rdImg/Pers/	3 KB 3 KB	242ms 124ms	Image image/jpeg	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/rdImg/Pers/f14.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 20ece39accd8ab7e8159209d29d469f690d8a28586575f8c2283d4ab78eaafeb Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Last-Modified Fri, 17 Apr 2020 12:47:04 GMT Server Microsoft-IIS/8.0 ETag "e230d84bb614d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/jpeg Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 2738
GET H/1.1	200 OK	Mobile-Handy-Camera-Bild-Photo.jpg www.bonus.ch/BDI/Telephonie/s5/	4 KB 4 KB	101ms 101ms	Image image/jpeg	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/BDI/Telephonie/s5/Mobile-Handy-Camera-Bild-Photo.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash ead78756e1e0bd11884659071528263f788372eca1ee9bd4ee9efc0f5d8d18d6 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:10 GMT Last-Modified Mon, 27 Apr 2015 10:29:36 GMT Server Microsoft-IIS/8.0 ETag "e3874ffd580d01:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/jpeg Cache-Control max-age=431999 Accept-Ranges bytes Content-Length 3697
GET H/1.1	200 OK	Telecom-Telekom-5G.jpg www.bonus.ch/BDI/Telephonie/s5/	15 KB 15 KB	102ms 102ms	Image image/jpeg	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/BDI/Telephonie/s5/Telecom-Telekom-5G.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 91ded1a17c384de64b888ac22f7f32068a1c9419c1bafe9581f4575b951031d8 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:10 GMT Last-Modified Wed, 06 Mar 2024 07:45:09 GMT Server Microsoft-IIS/8.0 ETag "42a0ba369a6fda1:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/jpeg Cache-Control max-age=431999 Accept-Ranges bytes Content-Length 15390
GET H/1.1	200 OK	jq-3.5.1.min.js Show response www.bonus.ch/rdDist/jsext/	87 KB 31 KB	344ms 226ms	Script application/javascript	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/rdDist/jsext/jq-3.5.1.min.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Content-Encoding gzip Last-Modified Thu, 03 Jun 2021 11:44:55 GMT Server Microsoft-IIS/8.0 ETag "801532df6d58d71:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 30988
GET H/1.1	200 OK	popper.min-v1.16.1.js Show response www.bonus.ch/rdDist/jsext/	21 KB 8 KB	163ms 101ms	Script application/javascript	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/rdDist/jsext/popper.min-v1.16.1.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 0b99eb5d02fd8ce971018312df2362e4aad6ef713b4f13180980148a5fac5501 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Content-Encoding gzip Last-Modified Thu, 03 Jun 2021 11:48:30 GMT Server Microsoft-IIS/8.0 ETag "07b585f6e58d71:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 7461
GET H/1.1	200 OK	btstr4-1.0.1.min.js Show response www.bonus.ch/rdDist/js/	62 KB 15 KB	283ms 199ms	Script application/javascript	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/rdDist/js/btstr4-1.0.1.min.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash b496ca15328ce225bc64a95508ca097435129423daa9d2fc7ab9e75c28ae45df Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Content-Encoding gzip Last-Modified Thu, 03 Jun 2021 13:31:03 GMT Server Microsoft-IIS/8.0 ETag "80c5d1b27c58d71:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 14953
GET H/1.1	200 OK	bns4-1.0.3.min.js Show response www.bonus.ch/rdDist/js/	4 KB 2 KB	176ms 101ms	Script application/javascript	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/rdDist/js/bns4-1.0.3.min.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 388b2212a13cc89d9f21480df444134ba55baba2f8e4b6d0a4e3f523fe0268f3 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:10 GMT Content-Encoding gzip Last-Modified Tue, 01 Nov 2022 16:02:10 GMT Server Microsoft-IIS/8.0 ETag "02d534cbeed81:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 1740
GET H/1.1	200 OK	fingerprint2-v1.5.1.min.js Show response www.bonus.ch/rdDist/jsext/	34 KB 10 KB	101ms 100ms	Script application/javascript	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/rdDist/jsext/fingerprint2-v1.5.1.min.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 6c1e7ccdbaffc6b68849135ab63614ac44dad8a50ddf193b76b55cb6dabe6589 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:10 GMT Content-Encoding gzip Last-Modified Fri, 12 Jul 2019 06:00:49 GMT Server Microsoft-IIS/8.0 ETag "807e5d277738d51:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 10265
GET H2	200	gtm.js Show response www.googletagmanager.com/	305 KB 97 KB	122ms 45ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TCNFFW Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b1e4350fbe7e1b1eec1606931eea784bf2bc1ceb419364ac0f5c5b89e24a6eed Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 99288 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 18 Mar 2024 12:13:21 GMT
GET H2	200	AzaHzrXj2XE Show response www.youtube.com/embed/ Frame BF90	91 KB 40 KB	681ms 108ms	Document text/html	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ff46fbd0a7da70dc48c558ec60e42e26148224c7c9f8f9f8eaca5d080c3b3fcf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:22 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	bgHome.jpg www.bonus.ch/rdImg/BxhLbg/	75 KB 75 KB	319ms 298ms	Image image/jpeg	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/rdImg/BxhLbg/bgHome.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash b8dff7bbb4072cd45905a0177479e030f2ebca0d5ced6b7fca8f90d2fc2fe32a Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Last-Modified Tue, 14 Apr 2020 13:15:13 GMT Server Microsoft-IIS/8.0 ETag "4ebabcbb5e12d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/jpeg Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 76611
GET H/1.1	200 OK	bgwV1.png www.bonus.ch/rdImg/Bg/	5 KB 5 KB	108ms 108ms	Image image/png	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/rdImg/Bg/bgwV1.png Requested by Host: www.bonus.ch URL: https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash e9e12eee586087a6c7366cf87b83cd243c7dece6a9709275265d9ea8ad010c18 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:10 GMT Last-Modified Mon, 20 Apr 2020 07:05:09 GMT Server Microsoft-IIS/8.0 ETag "80027e216d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/png Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 4719
GET H/1.1	200 OK	bgwG1.png www.bonus.ch/rdImg/Bg/	3 KB 4 KB	107ms 107ms	Image image/png	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Show image Full URL https://www.bonus.ch/rdImg/Bg/bgwG1.png Requested by Host: www.bonus.ch URL: https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 50acf064622e11741b3dd1e76c22c668ced5b2f35fac18618eea8d7c1a41dda4 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:10 GMT Last-Modified Mon, 20 Apr 2020 09:55:51 GMT Server Microsoft-IIS/8.0 ETag "802db7dff916d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type image/png Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 3306
GET H/1.1	200 OK	bns.woff2 www.bonus.ch/rdDist/fonts/	35 KB 36 KB	239ms 199ms	Font application/font-woff2	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/rdDist/fonts/bns.woff2?668663 Requested by Host: www.bonus.ch URL: https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 2b1ae712aa0676b8209b5c5c7813726952387cc4725f20d6c6970635b069f42b Request headers Referer https://www.bonus.ch/rdDist/css/bns4-1.3.1.min.css Origin https://www.bonus.ch accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Mon, 18 Mar 2024 12:13:09 GMT Last-Modified Mon, 24 Aug 2020 09:15:07 GMT Server Microsoft-IIS/8.0 ETag "92f148ff779d61:0" X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET Content-Type application/font-woff2 Cache-Control max-age=43199 Accept-Ranges bytes Content-Length 36284
GET H2	200	js Show response www.googletagmanager.com/gtag/	305 KB 97 KB	41ms 41ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-T9BJYJS9TW&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCNFFW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bd2e5694c9fc5d6216c6795185173832fd4f89ea212055a6614871a261591683 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 99020 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 18 Mar 2024 12:13:21 GMT
GET H2	200	hotjar-688277.js Show response static.hotjar.com/c/	142 KB 13 KB	446ms 100ms	Script application/javascript	3.162.3.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-688277.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCNFFW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.3.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-99.yul62.r.cloudfront.net Software / Resource Hash e7aadfd0b68eeed3753b1b3e0d202bacc468a0f3c44d1b57c0d7a430067c5c4a Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Mon, 18 Mar 2024 12:13:22 GMT via 1.1 1f0f1388abc5c7a2f1935aa322216120.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-P2 etag W/fbbd9b1b5913880eb93d1145ba549752 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id t0nValRidUIhA0RigWU2DWUycFpB47AXQFs7NiDenY7xq6RQhTYORA==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	216 KB 58 KB	425ms 82ms	Script application/x-javascript	2a03:2880:f08e:219:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 18 Mar 2024 12:13:22 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57659 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=82, rtx=0, c=12, mss=1326, tbw=2815, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug eT6noKV6ptZCPqWltkE9CB+QMYLGzGfJHDIm+jTeKkEZ9IPdVRVjOyCX5L8SDJVXf2fHKmg9FoEsv9N4etWh9g== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	213 KB 77 KB	27ms 26ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-1070479089&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCNFFW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash efca5ef5dcddcff5acdf5684dd76d2e7df8db7e3721e4973f73892482a758e73 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78530 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 18 Mar 2024 12:13:21 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	350ms 14ms	Script text/javascript	2607:f8b0:4004:c1d::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCNFFW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 18 Mar 2024 11:02:00 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4281 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 18 Mar 2024 13:02:00 GMT
GET H2	200	tfa.js Show response cdn.taboola.com/libtrc/unip/1104625/	69 KB 21 KB	341ms 7ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/unip/1104625/tfa.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 778b8bdb8eb8ddfad1a9cf8689bd75bdde6c153ee3de60c7a8fa77bf8b07023f Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-amz-version-id wScKqSFqQUQkGLAxfF8QJpY1QO2aUII0 content-encoding gzip via 1.1 varnish date Mon, 18 Mar 2024 12:13:21 GMT x-amz-request-id 7F555M1HVC7A007X age 7321 x-amz-server-side-encryption AES256 x-cache HIT x-amz-replication-status FAILED content-length 21517 x-amz-id-2 BPgWH2z+IHME9bxyab0h7sTnqNwjFhzYL18EucDeAFpmllAwL9V4LAKfWu6p1gB9nKH/VSfpvbY= x-served-by cache-lga21978-LGA last-modified Mon, 18 Mar 2024 09:05:03 GMT server AmazonS3 x-timer S1710764002.979280,VS0,VE1 etag "90f22e9ec844d0f0a6ef879d00993d4d" vary Accept-Encoding content-type application/javascript; charset=utf-8 abp 73 access-control-allow-origin * cache-control private,max-age=14401 accept-ranges bytes x-cache-hits 1
POST H/1.1	200 OK	MATrack.ashx Show response www.bonus.ch/WebServicesBonus/MA/	13 B 491 B	748ms 745ms	XHR application/json	212.40.8.229 VTX-NETWORK
General Check archive.org Show headers Download Go to Full URL https://www.bonus.ch/WebServicesBonus/MA/MATrack.ashx?fgid=f97d26f4ef9a252db98fe081e8e2888d&res=1600,1200&stk=2844-&typ=101&rub=1&tpg=13&tev=2 Requested by Host: www.bonus.ch URL: https://www.bonus.ch/rdDist/jsext/jq-3.5.1.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 212.40.8.229 Bern, Switzerland, ASN12350 (VTX-NETWORK, CH), Reverse DNS Software Microsoft-IIS/8.0 / UrlRewriter.NET 2.0.0, ASP.NET Resource Hash 0760b3cf4fb828ca69c9300b8560c5927e50ba1733f7e486c80985a2864e51c5 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.bonus.ch/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json Response headers Date Mon, 18 Mar 2024 12:13:10 GMT Server Microsoft-IIS/8.0 X-AspNet-Version 4.0.30319 X-Powered-By UrlRewriter.NET 2.0.0, ASP.NET P3P policyref="https://www.bonus.ch/BonusCh/W3C/p3p.xml", CP="CURi ADMi DEVi HISi OUR LEG DSP CAO COR" Content-Type application/json; charset=iso-8859-1 Cache-Control private Content-Length 13
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	181ms 27ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Mon, 18 Mar 2024 12:13:21 GMT last-modified Thu, 29 Feb 2024 19:58:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 2079CCAD56384C02B6A34DA7466B7C5D Ref B: EWR30EDGE1110 Ref C: 2024-03-18T12:13:21Z etag "01b4e9c496bda1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13261
POST H2	204	collect analytics.google.com/g/	0 252 B	51ms 22ms	Ping text/plain	2001:4860:4802:34::181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-T9BJYJS9TW&gtm=45je43d0v887343506z86845134za200&_p=1710764001333&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1723967549.1710764002&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710764002&sct=1&seg=0&dl=https%3A%2F%2Fwww.bonus.ch%2F&dt=Krankenkassenvergeich%2C%20Autoversicherung%20Schweiz%20und%20vieles%20mehr&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=false&ep.content_group=Accueil%2FVide&tfd=1788 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T9BJYJS9TW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bonus.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 243 B	73ms 32ms	Ping text/plain	2607:f8b0:4004:c19::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T9BJYJS9TW&cid=1723967549.1710764002&gtm=45je43d0v887343506z86845134za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T9BJYJS9TW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bonus.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	www-player.css www.youtube.com/s/player/d552837c/ Frame BF90	370 KB 47 KB	21ms 15ms	Stylesheet text/css	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/d552837c/www-player.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16fad6d837dc76f3470099a612936eeb8f521e20e8dd3cda74cd303759721ad0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:38:59 GMT content-encoding br x-content-type-options nosniff age 2063 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47892 x-xss-protection 0 last-modified Wed, 13 Mar 2024 04:18:59 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 18 Mar 2025 11:38:59 GMT
GET H2	200	embed.js Show response www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/ Frame BF90	57 KB 18 KB	48ms 44ms	Script text/javascript	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a199e35c9b0b5f81da2e717fa9b9b5d336220d2b080db4be10c321069efb1dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:39:45 GMT content-encoding br x-content-type-options nosniff age 2017 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18087 x-xss-protection 0 last-modified Wed, 13 Mar 2024 04:18:59 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 18 Mar 2025 11:39:45 GMT
GET H2	200	www-embed-player.js Show response www.youtube.com/s/player/d552837c/www-embed-player.vflset/ Frame BF90	320 KB 95 KB	34ms 30ms	Script text/javascript	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/d552837c/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f21c22963092f299414dd54347d8ddf003179242f53b9ad3215a3980e2b1bbe1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 10:36:29 GMT content-encoding br x-content-type-options nosniff age 5813 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 97638 x-xss-protection 0 last-modified Wed, 13 Mar 2024 04:18:59 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 18 Mar 2025 10:36:29 GMT
GET H2	200	base.js Show response www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/ Frame BF90	2 MB 781 KB	50ms 46ms	Script text/javascript	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec30570c25bd99ddd65ffc9842e9399f7ece99bd68f35ffed1247d3f5a8dba2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:30:02 GMT content-encoding gzip x-content-type-options nosniff age 2600 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 798740 x-xss-protection 0 last-modified Wed, 13 Mar 2024 04:18:59 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 18 Mar 2025 11:30:02 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1070479089/	2 KB 2 KB	315ms 27ms	Script text/javascript	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070479089/?random=1710764002171&cv=11&fst=1710764002171&bg=ffffff&guid=ON&async=1&gtm=45be43d0v893743328z86845134za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bonus.ch%2F&hn=www.googleadservices.com&frm=0&tiba=Krankenkassenvergeich%2C%20Autoversicherung%20Schweiz%20und%20vieles%20mehr&npa=0&pscdl=noapi&auid=718815165.1710764002&uamb=0&uaw=0&fdr=QA&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/destination?id=AW-1070479089&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b060d46e33f07c2863d63bc372adc92956c4f6974169b6e4daa11427b08da614 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:22 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1296 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame BF90	15 KB 15 KB	327ms 18ms	Font font/woff2	2607:f8b0:4004:c1d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 09:09:10 GMT x-content-type-options nosniff age 443052 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 13 Mar 2025 09:09:10 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame BF90	15 KB 16 KB	322ms 14ms	Font font/woff2	2607:f8b0:4004:c1d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ Origin https://www.youtube.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 20:54:28 GMT x-content-type-options nosniff age 400734 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 13 Mar 2025 20:54:28 GMT
GET H2	200	json Show response trc.taboola.com/1104625/trc/3/	3 KB 2 KB	105ms 99ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://trc.taboola.com/1104625/trc/3/json?tim=1710764002230&data=%7B%22id%22%3A188%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1710764002213%2C%22cv%22%3A%2220240317-34-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bonus.ch%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-ducretbonusch%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1710764002228%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.bonus.ch%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1104625/tfa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 5e741359af7a9e0f2aab80ca9362b73604f4ddea41eaa2e065082a32dd0dfdd4 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-vcl-time-ms 92 date Mon, 18 Mar 2024 12:13:22 GMT content-encoding gzip via 1.1 varnish cpu 0.2128125 x-fastly-to-nlb-rtt 74877 x-cache MISS p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM" x-service-version v2 x-served-by cache-lga21978-LGA x-log-content-encoding gzip server nginx x-timer S1710764002.252074,VS0,VE92 vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true accept-ranges bytes x-cache-hits 0
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 206 B	43ms 29ms	XHR text/plain	2607:f8b0:4004:c1d::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1223128456&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bonus.ch%2F&ul=en-us&de=UTF-8&dt=Krankenkassenvergeich%2C%20Autoversicherung%20Schweiz%20und%20vieles%20mehr&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgAABAAAAAC~&jid=760485944&gjid=1084515565&cid=1723967549.1710764002&tid=UA-258530-1&_gid=506068193.1710764002&_slc=1&gtm=45He43d0n71TCNFFWv6845134za200&cg1=Accueil&cg2=Vide&gcd=13l3l3l3l1&dma=0&z=1528516695 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bonus.ch/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bonus.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 149 B	43ms 30ms	XHR text/plain	2607:f8b0:4004:c19::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-258530-1&cid=1723967549.1710764002&jid=760485944&gjid=1084515565&_gid=506068193.1710764002&_u=YCDAgAABAAAAAG~&z=1179565143 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c19::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bonus.ch/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 18 Mar 2024 12:13:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bonus.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	4046518.js Show response bat.bing.com/p/action/	0 118 B	37ms 28ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/4046518.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Mon, 18 Mar 2024 12:13:22 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: DB3E2E0833C4433E90D3A54E5F26D1FC Ref B: EWR30EDGE1110 Ref C: 2024-03-18T12:13:22Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 359 B	79ms 76ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=4046518&Ver=2&mid=88ec0b54-57e7-40cb-9d21-93bd1b1a292a&sid=ea022780e52011eea6f1e365b1d5431d&vid=ea027f40e52011eea5243f799b223a5d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Krankenkassenvergeich,%20Autoversicherung%20Schweiz%20und%20vieles%20mehr&kw=Krankenkasse,%20Krankenversicherung,%20Autoversicherung,%20Schweizer%20Versicherung,%20Vergleich,%20Preisvergleich&p=https%3A%2F%2Fwww.bonus.ch%2F&r=&lt=1500&evt=pageLoad&sv=1&rn=584428 Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Mon, 18 Mar 2024 12:13:22 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 0B957B550048440AA647BA1CB724CA19 Ref B: EWR30EDGE1110 Ref C: 2024-03-18T12:13:22Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/	437 KB 138 KB	18ms 14ms	Script text/javascript	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1b02035774d9978a0656512051c97ec80f62a4da90137b41e4e998d5cbb7b957 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 19:15:49 GMT content-encoding br x-content-type-options nosniff age 61053 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140761 x-xss-protection 0 server cafe etag 16686147382162094741 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 17 Mar 2025 19:15:49 GMT
GET H2	200	modules.a832f5d8f24964da1f4a.js Show response script.hotjar.com/	220 KB 55 KB	159ms 21ms	Script application/javascript	3.162.3.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.a832f5d8f24964da1f4a.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-688277.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.3.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-7.yul62.r.cloudfront.net Software / Resource Hash a25146c544ae821d97ac637e817dae3f4985b7e991d7354cf1d21561a8dfc630 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 17:22:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 4c6036e1a9755ebb992fa03bf694150e.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-P2 age 240676 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55518 last-modified Fri, 15 Mar 2024 17:21:16 GMT etag "8bd905e445d19a6e7c5adc15919ba59b" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id JoAjGT4BJnHgbBrkg5AgVrgrt8YksmjHI8drklyRnbb7-PvxxZ_ZeQ==
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	76ms 24ms	Image image/gif	2607:f8b0:4004:c06::63 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-258530-1&cid=1723967549.1710764002&jid=760485944&_u=YCDAgAABAAAAAG~&z=1442960545 Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	64 KB 31 KB	135ms 120ms	Fetch text/plain	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2171237421639881&correlator=2391327939516174&eid=31081518%2C95327886%2C31079525&output=ldjh&gdfp_req=1&vrg=202403140101&ptt=17&impl=fif&iu_parts=1026211%2CBonus_Assauto_Top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C994x118%7C994x250%7C800x250%7C728x90&fluid=height&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710764002640&lmt=1710764002&adxs=15&adys=4&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bonus.ch%2F&vis=1&psz=994x4&msz=964x0&fws=0&ohw=0&ga_vid=1723967549.1710764002&ga_sid=1710764003&ga_hid=1223128456&ga_fc=true&dlt=1710764001105&idt=1454&cust_params=Langue%3DDE&adks=2411943002&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8543d860e57e8bbd2e53d70f63af0c67d802b23c004111cd88ef07a2d446b09b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:22 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31845 x-xss-protection 0 google-lineitem-id 6517356448 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138463107681 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.bonus.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	28 KB 12 KB	133ms 118ms	Fetch text/plain	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2171237421639881&correlator=2391327939516174&eid=31081518%2C95327886%2C31079525&output=ldjh&gdfp_req=1&vrg=202403140101&ptt=17&impl=fif&iu_parts=1026211%2CBonus_Assauto_Middle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710764002680&lmt=1710764002&adxs=908&adys=1045&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bonus.ch%2F&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=1723967549.1710764002&ga_sid=1710764003&ga_hid=1223128456&ga_fc=true&dlt=1710764001105&idt=1454&cust_params=Langue%3DDE&adks=1543845779&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dc1aa507b8bdbfa0bb174e10c38285c7c1abcaf6033d10d20efd15f043361207 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:22 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12032 x-xss-protection 0 google-lineitem-id 618344181 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 53200289181 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.bonus.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	37 KB 13 KB	89ms 75ms	Fetch text/plain	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2171237421639881&correlator=2391327939516174&eid=31081518%2C95327886%2C31079525&output=ldjh&gdfp_req=1&vrg=202403140101&ptt=17&impl=fif&iu_parts=1026211%2CBonus_Assauto_InContentAds&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710764002705&lmt=1710764002&adxs=195&adys=1285&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bonus.ch%2F&vis=1&psz=880x0&msz=880x0&fws=0&ohw=0&ga_vid=1723967549.1710764002&ga_sid=1710764003&ga_hid=1223128456&ga_fc=true&dlt=1710764001105&idt=1454&cust_params=Langue%3DDE&adks=3221104565&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40393bc63153c2c4b7d4159a0d0fae123f525fa45910bd934ab28b369e9ba6bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:22 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13767 x-xss-protection 0 google-lineitem-id 6558016798 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138465144461 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.bonus.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	64 KB 31 KB	151ms 138ms	Fetch text/plain	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2171237421639881&correlator=2391327939516174&eid=31081518%2C95327886%2C31079525&output=ldjh&gdfp_req=1&vrg=202403140101&ptt=17&impl=fif&iu_parts=1026211%2CBonus_Assauto_Right_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C160x600%7C120x600&fluid=height&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710764002718&lmt=1710764002&adxs=1285&adys=89&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bonus.ch%2F&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=1723967549.1710764002&ga_sid=1710764003&ga_hid=1223128456&ga_fc=true&dlt=1710764001105&idt=1454&cust_params=Langue%3DDE&adks=563098138&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0096fff9b49f3ef86f11797ec6a478ee2b8eebf5820785672fa2f145152f62ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:22 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31264 x-xss-protection 0 google-lineitem-id 6517356445 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138463790218 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.bonus.ch cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC5B	6 KB 3 KB	67ms 18ms	Document text/html	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:22 GMT expires Tue, 18 Mar 2025 12:13:22 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ www.google.com/pagead/1p-user-list/1070479089/	42 B 154 B	26ms 25ms	Image image/gif	2607:f8b0:4004:c06::63 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1070479089/?random=1710764002171&cv=11&fst=1710763200000&bg=ffffff&guid=ON&async=1&gtm=45be43d0v893743328z86845134za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bonus.ch%2F&frm=0&tiba=Krankenkassenvergeich%2C%20Autoversicherung%20Schweiz%20und%20vieles%20mehr&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqoYU2j6xEP66dENYbnfL7LSXQD1nEeg&random=1587197665&rmt_tld=0&ipr=y Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:22 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	id Show response googleads.g.doubleclick.net/pagead/ Frame BF90	113 B 305 B	27ms 26ms	XHR application/json	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/d552837c/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8af626a5d05995e01ce24a98ad0b0c0562d8e463d62c03a01b0234df6a220c99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:22 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame BF90	29 B 495 B	335ms 289ms	Script text/javascript	2607:f8b0:4004:c17::94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/d552837c/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::94 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:02:20 GMT x-content-type-options nosniff age 662 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29 x-xss-protection 0 last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:17:20 GMT
OPTIONS H2	200	Create jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	555ms 18ms	Preflight text/html	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Mon, 18 Mar 2024 12:13:23 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H2	200	Create Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BF90	88 KB 41 KB	32ms 29ms	XHR application/json+protobuf	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f65f1b67f2b7f22f86cff238f7bb0bbe80ebeb8f53097f516e6e3be84a723ec7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json+protobuf Response headers date Mon, 18 Mar 2024 12:13:23 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41923 x-xss-protection 0
GET H3	200	remote.js Show response www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/ Frame BF90	117 KB 33 KB	16ms 15ms	Script text/javascript	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9919caa425814c2d0dcc15e8287ddd1350f818e0b245652c18590ef79f7a0071 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:25:25 GMT content-encoding br x-content-type-options nosniff age 2878 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33776 x-xss-protection 0 last-modified Wed, 13 Mar 2024 04:18:59 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Tue, 18 Mar 2025 11:25:25 GMT
GET H3	200	5OkHZN3F3io59sl2rCNWEM4LdayjIm6qhcWs5MZXw2M.js Show response www.google.com/js/th/ Frame BF90	51 KB 20 KB	20ms 19ms	Script text/javascript	2607:f8b0:4004:c06::63 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/5OkHZN3F3io59sl2rCNWEM4LdayjIm6qhcWs5MZXw2M.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4e90764ddc5de2a39f6c976ac235610ce0b75aca3226eaa85c5ace4c657c363 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 16:28:05 GMT content-encoding br x-content-type-options nosniff age 330318 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20143 x-xss-protection 0 last-modified Mon, 04 Mar 2024 15:30:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 14 Mar 2025 16:28:05 GMT
GET H2	200	sddefault.webp i.ytimg.com/vi_webp/AzaHzrXj2XE/ Frame BF90	17 KB 17 KB	473ms 23ms	Image image/webp	2607:f8b0:4004:c06::77 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ytimg.com/vi_webp/AzaHzrXj2XE/sddefault.webp Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::77 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6622ce965d312d25ae9863049e3dab66c8772dc258af4e3f86a985520e2a1d4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:23 GMT x-content-type-options nosniff server sffe etag "1534865953" vary Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type image/webp cache-control public, max-age=7200 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16994 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Mon, 18 Mar 2024 14:13:23 GMT
GET DATA	200 OK	truncated / Frame BF90	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H2	200	AIdro_k0t0STZAU7seLPzAOpT0S6UuIBbZJclaZG98A=s68-c-k-c0x00ffffff-no-rj yt3.ggpht.com/ytc/ Frame BF90	3 KB 4 KB	102ms 42ms	Image image/jpeg	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://yt3.ggpht.com/ytc/AIdro_k0t0STZAU7seLPzAOpT0S6UuIBbZJclaZG98A=s68-c-k-c0x00ffffff-no-rj Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&showinfo=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash f3266a537bd72a238c0bf38ec72b5db11161074aa1669ee491e0531c0de3153c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:23 GMT x-content-type-options nosniff server fife etag "v29" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="unnamed.jpg" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3280 x-xss-protection 0 expires Tue, 19 Mar 2024 12:13:23 GMT
GET H2	200	932000210233956 Show response connect.facebook.net/signals/config/	74 KB 15 KB	212ms 208ms	Script application/x-javascript	2a03:2880:f08e:219:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/932000210233956?v=2.9.150&r=stable&domain=www.bonus.ch&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f08e:219:face:b00c:0:3 Saint-Denis, France, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1ce269fdfd2d1ddd5037ee673a7ab05ee8386fb8f35650dea1ee096b41d1eec4 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Mon, 18 Mar 2024 12:13:23 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality GOOD; q=0.7, rtt=85, rtx=2, c=64, mss=1326, tbw=62806, tp=-1, tpl=-1, uplat=125, ullat=0 pragma public x-fb-debug n5YiNDhXHZSnfuky1c186C+1LZxPF+B4rXsvlVfFnkuETBLmWMkDO+z/LCsc2LKzuxqSXiRtB42ZGTLqKnxVqw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	container.html Show response fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2760	6 KB 3 KB	22ms 18ms	Document text/html	2607:f8b0:4004:c07::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:23 GMT expires Tue, 18 Mar 2025 12:13:23 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 07DE	0 0	79ms 77ms	Fetch image/gif	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgJwDZOll5Cs6MtATOxq_hJK1R3ZYZeRwA0E3bZ5lz9CplVnCKUcA5DvFOIV2JllqaGf2Rc-Chn86nYL0HTISG0T_tD96WVs3IaGZx1bflolLqYLe8fK9hjZNzo5-AciRIT8RKHayeVg8YU1EiNbFobrNX-4pLqG_NgfYMHJJ3tMAFBMlshOtGoL5jTNwDP2Pq-WSFoFhWQ3KPAVCeI-8NhoN00OofvCIskgWqegxFQiRZXbyQOb1c4GAbuRhV1qCag3pBS7nVoFjW2OSN0LJKMVvvU6R6hM6xJi2CGg78Zsmw7vZD_h45WnmmyB6W3r6IjAYC7MlhLBfic_l2s4w7zlad6OmstVVN_dRawYjGR-k&sai=AMfl-YSiTRPiB4twrYG6LfQrH0U0SGiN55MlWV7ZJvoQ2hVBMDCKRCVkdQ7jm9s7RxCQGYfFKSLUwHoJDm0QSGBCEoHuyYfFsqOa7MZigBUs19nXZgo6ZFhc5gkeLHGAOA&sig=Cg0ArKJSzPafftT9JEgzEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:23 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 07DE	145 KB 50 KB	126ms 89ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9b89ed457311724feae36f0dde514eabb4fdbb1408bfe57af770b57fa704932f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:23 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50761 x-xss-protection 0 server cafe etag 4137003180398002512 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Mon, 18 Mar 2024 12:13:23 GMT
GET H2	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 07DE	208 KB 63 KB	53ms 17ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:13:42 GMT content-encoding br x-content-type-options nosniff age 3581 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64315 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Mar 2024 12:13:42 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 2F87	0 0	148ms 61ms	Fetch image/gif	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss1OwABZ-JDKHM2L7R8VzQlGVk0NKB6WFT1ICtJr6oxKungdYz3ZNvsQiv4yRO9kKNGyooT-SpMjGNjvnaSnGVU9TOzsV2QSmKMLm8RzGCA2h_6nZ4Pku_NET5beHfLADKac1klaAsz6IrF0vhayghAd6uX2SjxBf0dm-Ub3va_XCe3MzOFdDTqSaA9569BW7UDwws8o6wUl8GKNj1i2QLcmmzRdbmtkgBtDvoPlJEQMWPCPQHfHohBjo0LyJ_YZ4t5P26eaMxVEU--RRvkFJB9Qprf5vUEX9w0tsgSitn6-2trnozFCFo3zurs9FN9byfJ1fhfb5Dg-ESQKAfhWCsDrwLh0IQewnPKDelVPq67W91NlYxfT7_cvpDZ25wGmOiA_-diFCJDma_zIjpz1lmVYT5eK9Y_cja9f1egl6JhXAwqyNKIhl-FBb5SFe3TB93VhG4sr6JqvQypv8qV8qeawXgBFTNMx8m-JUgQ7amvPEWSrA&sai=AMfl-YRPGKjvFVMrzVG_F7s-MQE_t3Ioohf5B1Z3IWEOl6r9KFzt-WtFg0Y6I0a7GEKLRXsTTJLIsY4b566IrulAfyH4FoHqi25pGdkRjIzMlZrp2Dky_O1XT57Sle4JNw&sig=Cg0ArKJSzAh3q1cRkuCOEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl= Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:23 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 18 Mar 2024 12:13:23 GMT
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 2F87	172 KB 61 KB	99ms 17ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Origin https://www.bonus.ch accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 22:00:12 GMT content-encoding gzip x-content-type-options nosniff age 51191 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 22:00:12 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 2F87	41 KB 14 KB	99ms 17ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:46:52 GMT content-encoding br x-content-type-options nosniff age 422791 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 13 Mar 2025 14:46:52 GMT
GET H2	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2F87	208 KB 63 KB	19ms 17ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:13:42 GMT content-encoding br x-content-type-options nosniff age 3581 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64315 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Mar 2024 12:13:42 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame BCC2	0 0	119ms 80ms	Fetch image/gif	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvX9i-88CpF6gUQQgMSjvGzxaarnWQGVjAw-9l7XWzeA1HGRK3J0W-Z4AI30AZ5U7wHWjIwGMLML4uSGHpf_dW5JYIbMF9ZH6px6U2Wgy3Fl2ni434M1agOahO5s2XRBbniu0qutXwDbPg5qHcnmabTITYM3hJeGRwwj2RUVBB7Rd5xc7zvgxDC-Yt_FtwFrXmsB9HDrxUL4xfS2JO5eipW7jhwb1_FY7u3tYfI4XX9tttKBZC55P3lhmpOwIVW5_d_DJlc-scvSjv2MUO0TNQIZ4KeBFweS2Jpa4luiR8WbQs8S17b0Un-oOfroqvFyB95DXTdsjX3bexD8OZuQLSwRsOF9n_nWB4QOLribyJ5nCkWzqLRRPcZSZm8dOguh79Lb9CR28U8PbBC9JciYz_0Ob41t6u1LsqFEzLd-QRKBvppUnsxlvy7MEpT9bf-UlAO7rsv_CNwhH7CLHRwOqwQMjh9bk5_U2dL55JXXBKVe51WRJhPog&sai=AMfl-YTgrcSuOAKn9KHxF2oifyqPFZpJIGG5kgOfS8Vyn6yZh1F1KF8crz3VlTyGYawW3MvQhVAYNfUw6KiRqvqfRlQWDT750LJXHzll0gdSuRdWy41ehfJ_xXsRsdFzSQ&sig=Cg0ArKJSzHIPf55nonREEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl= Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:23 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 18 Mar 2024 12:13:23 GMT
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame BCC2	172 KB 60 KB	78ms 40ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Origin https://www.bonus.ch accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 22:00:12 GMT content-encoding gzip x-content-type-options nosniff age 51191 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 22:00:12 GMT
GET H2	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame BCC2	41 KB 14 KB	56ms 17ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:46:52 GMT content-encoding br x-content-type-options nosniff age 422791 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 13 Mar 2025 14:46:52 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BCC2	208 KB 63 KB	35ms 18ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:13:42 GMT content-encoding br x-content-type-options nosniff age 3581 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64315 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Mar 2024 12:13:42 GMT
OPTIONS H3	200	GenerateIT jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame	0 0	18ms 17ms	Preflight text/html	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers content-type,x-goog-api-key,x-user-agent Access-Control-Request-Method POST Origin https://www.youtube.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type,x-goog-api-key,x-user-agent access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://www.youtube.com access-control-max-age 3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Mon, 18 Mar 2024 12:13:24 GMT server ESF vary origin referer x-origin x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	GenerateIT Show response jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame BF90	90 B 134 B	48ms 47ms	XHR application/json+protobuf	2607:f8b0:4004:c17::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dc95ce5b9d150d0b6ad82733780df4180c2a5287478fd49b13559998eef072c9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers X-User-Agent grpc-web-javascript/0.1 Referer https://www.youtube.com/ X-Goog-Api-Key AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type application/json+protobuf Response headers date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff server ESF vary Origin, X-Origin, Referer x-frame-options SAMEORIGIN content-type application/json+protobuf; charset=UTF-8 access-control-allow-origin https://www.youtube.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0
GET H2	204	unip Show response trc-events.taboola.com/1104625/log/3/	0 245 B	69ms 7ms	XHR text/plain	141.226.224.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1104625/log/3/unip?en=pre_d_eng_tb&tos=1920&scd=0&ssd=1&est=1710764002226&ver=36&isls=true&src=i&invt=1500&msa=4620&rv=1&tim=1710764004146&vi=1710764002213&ri=d8ca30e780fbd29e26201844447d4ffe&ref=null&cv=20240317-34-RELEASE&item-url=https%3A%2F%2Fwww.bonus.ch%2F Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1104625/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin https://www.bonus.ch pragma no-cache date Mon, 18 Mar 2024 12:13:24 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2760	24 KB 7 KB	52ms 17ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js Requested by Host: fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com URL: https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Tue, 12 Mar 2024 15:59:38 GMT content-encoding br x-content-type-options nosniff age 504826 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6402 x-xss-protection 0 last-modified Thu, 03 Nov 2022 19:10:08 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 12 Mar 2025 15:59:38 GMT
GET H2	200	css fonts.googleapis.com/ Frame 2760	12 KB 1 KB	118ms 33ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Roboto:300,400,700&lang=en Requested by Host: fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com URL: https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 8b7988624087fae8feeec510e86914343a835cf7c27137697b3c92c2bf44f444 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 18 Mar 2024 12:13:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 18 Mar 2024 12:13:24 GMT
GET H2	200	B31575870.388435963;dc_pre=COKclMbk_YQDFVEciAkdZqkMrw;dc_trk_aid=579720090;dc_trk_cid=210192853;ord=988881740;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1 ad.doubleclick.net/ddm/trackimp/N1484119.291376BONUS.CH/ Frame 2760 Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N1484119.291376BONUS.CH/B31575870.388435963;dc_trk_aid=579720090;dc_trk_cid=210192853;ord=988881740;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;... https://ad.doubleclick.net/ddm/trackimp/N1484119.291376BONUS.CH/B31575870.388435963;dc_pre=COKclMbk_YQDFVEciAkdZqkMrw;dc_trk_aid=579720090;dc_trk_cid=210192853;ord=988881740;dc_lat=;dc_rdid=;tag_fo...	42 B 338 B	41ms 38ms	Image image/gif	172.253.115.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N1484119.291376BONUS.CH/B31575870.388435963;dc_pre=COKclMbk_YQDFVEciAkdZqkMrw;dc_trk_aid=579720090;dc_trk_cid=210192853;ord=988881740;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1? Requested by Host: fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com URL: https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Server 172.253.115.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f149.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ad.doubleclick.net/ddm/trackimp/N1484119.291376BONUS.CH/B31575870.388435963;dc_pre=COKclMbk_YQDFVEciAkdZqkMrw;dc_trk_aid=579720090;dc_trk_cid=210192853;ord=988881740;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=;dc_tdv=1? content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	8736047054026298641 tpc.googlesyndication.com/simgad/ Frame 2760	166 KB 167 KB	69ms 40ms	Image image/jpeg	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8736047054026298641? Requested by Host: fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com URL: https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 33fcbce0ef182bab7b8dccc2000a42eaf9a92c644bc463c30f05dc00b80e53a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170327 x-xss-protection 0 last-modified Tue, 20 Feb 2024 11:53:00 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 18 Mar 2025 12:13:24 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2760	208 KB 63 KB	49ms 23ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com URL: https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:13:42 GMT content-encoding br x-content-type-options nosniff age 3582 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64315 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Mar 2024 12:13:42 GMT
GET H2	200	/ www.facebook.com/tr/	0 269 B	278ms 84ms	Image text/plain	2a03:2880:f17b:283:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=932000210233956&ev=PageView&dl=https%3A%2F%2Fwww.bonus.ch&rl=&if=false&ts=1710764004260&sw=1600&sh=1200&v=2.9.150&r=stable&a=tmgoogletagmanager&ec=0&o=4124&fbp=fb.1.1710764004246.1930021488&pm=1&hrl=003d22&ler=empty&cdl=API_unavailable&it=1710764003611&coo=false&cs_cc=1&cas=2457428504290420%2C2161484043875248%2C1971640789558751%2C2425802120770151%2C2193237394081946&rqm=GET Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f17b:283:face:b00c:0:25de Saint-Denis, France, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers x-fb-connection-quality GOOD; q=0.7, rtt=84, rtx=0, c=10, mss=1326, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Mon, 18 Mar 2024 12:13:24 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/13405564039765950464/ Frame 1139	13 KB 3 KB	62ms 28ms	Document text/html	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 171240ee2d05cc3c067df58aecd79561b48bc84b42f2aace352fd3b25b3ab7f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 2816 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:24 GMT expires Tue, 18 Mar 2025 12:13:24 GMT last-modified Wed, 30 Aug 2023 15:06:47 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/ Frame 07DE	405 KB 138 KB	113ms 109ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 243c847c084bce46b9a57f7dd2740d8e47aa1fc8c315a229b1af460a5f02af61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140956 x-xss-protection 0 server cafe etag 6335361544552648447 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 18 Mar 2024 12:13:24 GMT
GET DATA	200 OK	truncated / Frame 07DE	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fe6311c102f0d9d5abfa1d207d4dc8a3c7095486262e972c24ac212f388cf7ef Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 2F87	0 0	104ms 75ms	Fetch image/gif	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-Nac7Bp5Ujs5ocOl6ESyVE0k9zLT5x4bQWS3xsJKAnRPfl4isPtYT90LB70pZDNP-WkFv7NuuMMgECRTxB_pR1O9xYuF1rAMLeYXNaU-sZ7nOUXrDfc9a8i0Uth_cd9V0MsIbzl8zJ7sn8QqIWk8Q9WHG_v8z4ygephDRMwllAupgFfmeIvZstJdnPPZV9z8y4etQ8H0kOmeutpIVgmzTPmO-M_nb59fhJ4qKSOEHCYEYBf9E_3htKAmGXCttmc7IqTb43LCpXyXWgK6IL5mLvvggYEpG8WR2F5hT3DD4qLICNEbLeZnh2488VGhEprh3CEZYdwJzIyF9xT8ugOg2rZ5e6rchrSBeUsmEElvVIA&sai=AMfl-YSYPQApx1PTXBF7PLjm4gwhHrT5j0Tkw-8QFZK5kwxqX5q1VBX4xk4kmQo6Z2rVprLs2Qk51j2K9qUVLkAMrcyOBMsIWKebUMila74Xy4UaXdfdOo2kwQ-Wl4Ih9Q&sig=Cg0ArKJSzN7aUV_67KdvEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 18 Mar 2024 12:13:24 GMT
GET DATA	200 OK	truncated / Frame 2F87	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e6182a29e968d520b54a499421131be67ab8a92e9e041cb64f8b9ee00ec98f3 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame BCC2	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4c2572a636586b0058c17556df736a30fb434afbf4e26421603b262f4301b8a4 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 51AF	38 KB 13 KB	19ms 18ms	Document text/html	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 509791 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 12 Mar 2024 14:36:53 GMT expires Wed, 12 Mar 2025 14:36:53 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 6A52	38 KB 13 KB	27ms 19ms	Document text/html	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 509791 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 12 Mar 2024 14:36:53 GMT expires Wed, 12 Mar 2025 14:36:53 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame BF90	4 KB 2 KB	63ms 19ms	Script text/javascript	2607:f8b0:4004:c06::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/d552837c/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2007 x-xss-protection 0 last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview" vary Accept-Encoding report-to {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Mar 2024 12:13:24 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/14044758527503761408/ Frame 51A4	52 KB 15 KB	45ms 41ms	Document text/html	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0277c8a4d237b43232ee16d5e37c5f2c341214e1a553b56d3a6b6c8f94fce179 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:24 GMT expires Tue, 18 Mar 2025 12:13:24 GMT last-modified Wed, 30 Aug 2023 15:01:55 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H3	200	style.css s0.2mdn.net/sadbundle/13405564039765950464/ Frame 1139	7 KB 2 KB	48ms 42ms	Stylesheet text/css	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/13405564039765950464/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 855fae7a4ba5d30597dc1d84dcc644514c93f06c1eb9e00364c0a8ef9e694013 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1675 x-xss-protection 0 last-modified Wed, 30 Aug 2023 15:06:47 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 18 Mar 2025 12:13:24 GMT
GET H3	200	MuseoSans_300-webfont.woff s0.2mdn.net/creatives/assets/4466103/ Frame 1139	22 KB 22 KB	66ms 58ms	Font font/woff	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_300-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22016 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:01:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:24 GMT
GET H3	200	MuseoSans_100-webfont.woff s0.2mdn.net/creatives/assets/4466103/ Frame 1139	21 KB 21 KB	155ms 148ms	Font font/woff	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_100-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4da56999476a0550c62f0a269cda43474aaa0f7ba5c461cee58ac2af893bab90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21880 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:00:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:24 GMT
GET H3	200	MuseoSans_700-webfont.woff s0.2mdn.net/creatives/assets/4466103/ Frame 1139	22 KB 22 KB	445ms 438ms	Font font/woff	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_700-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22640 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:03:43 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:25 GMT
GET H3	200	Enabler_01_250.js Show response s0.2mdn.net/879366/ Frame 1139	120 KB 41 KB	19ms 16ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 22:11:48 GMT content-encoding gzip x-content-type-options nosniff age 50496 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42247 x-xss-protection 0 last-modified Tue, 14 Mar 2023 21:28:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 22:11:48 GMT
GET H3	200	gsap_3.11.5_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 1139	70 KB 27 KB	43ms 40ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27946 x-xss-protection 0 last-modified Fri, 12 May 2023 16:06:19 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:13:24 GMT
GET H3	200	SplitText.min.js Show response s0.2mdn.net/creatives/assets/4895796/ Frame 1139	15 KB 5 KB	56ms 53ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4895796/SplitText.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc1627bb5a3f6f3c3cf51ab01bc67a74a851bd203c51fa9210fe41ab096f56ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5285 x-xss-protection 0 last-modified Mon, 22 May 2023 12:46:32 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:24 GMT
GET H3	200	script.js Show response s0.2mdn.net/sadbundle/13405564039765950464/ Frame 1139	13 KB 3 KB	51ms 48ms	Script application/x-javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/13405564039765950464/script.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 006ce49c5d324789d6cd1158f1fbf0b96a7ce015831dc29d0414703155bbba29 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3443 x-xss-protection 0 last-modified Wed, 30 Aug 2023 15:06:47 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 18 Mar 2025 12:13:24 GMT
GET H3	204	generate_204 www.youtube.com/ Frame BF90	0 10 B	15ms 14ms	Image text/plain	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?fH2gJw Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&amp;showinfo=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	style.css s0.2mdn.net/sadbundle/14044758527503761408/ Frame 51A4	7 KB 2 KB	56ms 55ms	Stylesheet text/css	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/14044758527503761408/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d1807a8cf999b5c42fe16e86ab5486bc5d33a82dee5a63d627d6757dfe7df673 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1677 x-xss-protection 0 last-modified Wed, 30 Aug 2023 15:01:55 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 18 Mar 2025 12:13:24 GMT
GET H3	200	MuseoSans_300-webfont.woff s0.2mdn.net/creatives/assets/4466103/ Frame 51A4	22 KB 22 KB	22ms 20ms	Font font/woff	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_300-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 602a48d8418dc75bc51795b3f33e2e49ee38d40c4a658723b0878f1c64a68265 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22016 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:01:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:24 GMT
GET H3	200	MuseoSans_100-webfont.woff s0.2mdn.net/creatives/assets/4466103/ Frame 51A4	21 KB 21 KB	23ms 21ms	Font font/woff	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_100-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4da56999476a0550c62f0a269cda43474aaa0f7ba5c461cee58ac2af893bab90 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21880 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:00:16 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:24 GMT
GET H3	200	MuseoSans_700-webfont.woff s0.2mdn.net/creatives/assets/4466103/ Frame 51A4	22 KB 22 KB	304ms 302ms	Font font/woff	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_700-webfont.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7ccc354572f46ed4b26ffec17c24264cce720c1ebab7693af8e88032e46b6544 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22640 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:03:43 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:25 GMT
GET H3	200	Enabler_01_250.js Show response s0.2mdn.net/879366/ Frame 51A4	120 KB 41 KB	17ms 16ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 22:11:48 GMT content-encoding gzip x-content-type-options nosniff age 50496 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42247 x-xss-protection 0 last-modified Tue, 14 Mar 2023 21:28:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 22:11:48 GMT
GET H3	200	gsap_3.11.5_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 51A4	70 KB 27 KB	53ms 51ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 27946 x-xss-protection 0 last-modified Fri, 12 May 2023 16:06:19 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:13:24 GMT
GET H3	200	SplitText.min.js Show response s0.2mdn.net/creatives/assets/4895796/ Frame 51A4	15 KB 5 KB	34ms 33ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4895796/SplitText.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc1627bb5a3f6f3c3cf51ab01bc67a74a851bd203c51fa9210fe41ab096f56ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5285 x-xss-protection 0 last-modified Mon, 22 May 2023 12:46:32 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:24 GMT
GET H3	200	script.js Show response s0.2mdn.net/sadbundle/14044758527503761408/ Frame 51A4	14 KB 4 KB	54ms 52ms	Script application/x-javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/14044758527503761408/script.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5ac58fbf6e18daf28d623064865199e780912f4fe4d983b3a969938e1298d410 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers allow-fenced-frame-automatic-beacons true date Mon, 18 Mar 2024 12:13:24 GMT content-encoding gzip x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3589 x-xss-protection 0 last-modified Wed, 30 Aug 2023 15:01:55 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 18 Mar 2025 12:13:24 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 2760	0 0	75ms 74ms	Fetch image/gif	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQsKb4pM1PS_T6b_SiPUnBHmz1NjmKoJP6GUOTObycLCKB0GZunB5O50c9gEPwWtCtiiB6RAy7tJCs_xo2z6UM0pdeV7QQx7XL0emz86Lh-ExB7Gtv7wlDzYcQA-BodSRC99JYqZUtkw2sAITFYBsh20W3WiYs4m5yNgS5OKBWLGQ4uexpdSOWzcqgjmgvWfrdzES-5kZ2zwAW-GYSwLDLhYWEj-jm1l7BGfpze5zL8iLpVc4W7ftie-hwOWM-gAmb0GZ49DfmizZcRS995-jshe9PNpg0dT0P5EcfQLbYcGy95PY6eqR6pAKXeU8HXqXzbmNsupV292bBGKKpn706JLNahYqwT54z0VAdSiVm2S5PEQ&sai=AMfl-YRHq98dgdy-luWyB2W3gkgNSFratTu-5VhIrvT-Bq1URKF6puypkVWKzmcBgn09o4WXhEFXUeI5dXViEW3z_GuPVsBiI6IdiZ9L4LhQzN3H69sZF4ih7_bg5lziklc&sig=Cg0ArKJSzJGSAauTRI4VEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com URL: https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 2760	15 KB 15 KB	19ms 18ms	Font font/woff2	2607:f8b0:4004:c1d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Roboto:300,400,700&lang=en Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 06:53:24 GMT x-content-type-options nosniff age 451200 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 13 Mar 2025 06:53:24 GMT
GET H3	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 2760	15 KB 15 KB	19ms 16ms	Font font/woff2	2607:f8b0:4004:c1d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Roboto:300,400,700&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 05:25:05 GMT x-content-type-options nosniff age 283699 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 15 Mar 2025 05:25:05 GMT
GET H3	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 2760	15 KB 16 KB	19ms 18ms	Font font/woff2	2607:f8b0:4004:c1d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Roboto:300,400,700&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 06:52:14 GMT x-content-type-options nosniff age 451270 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 13 Mar 2025 06:52:14 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 2760	0 0	75ms 75ms	Fetch image/gif	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskglTNpI_ssNP_k5von6wqcalqFVNI78jp2BVLiD3U9JbnGjQD_mMSI-5Vz9RHKn_9rUG9bkn6wfXvT_nFdPgV2tpCgmM04job9INocpaSCEak4IFgTWrOirQhtwx3hbRF_h0KyMzWI4O3fukcGfmzbsmHyrjsGDFrH8irJAl6tfWnpPFJ6JDBlW-KqtfiXNiEdtYR4mKJJm4HOdH7lFOD5kAMzw_9N8AoDSpaEq0edJbIStwV0mrz-iJB23x7ityVJQnzW4MUNMcpHhG3mpPqmFyFxubZP981Zq3LGi9zfyF5GvrUT9vThJQdCWclKwE89PB9HH5Bg-LcoMDNqqVqhBZN5q8i0vPJWa5mWrOSd26gL-nD&sai=AMfl-YTypRe5ve0LlmQAEZ2wKLLvoVgxM-4ICQvaCpqu9-8SnY6zGN-X8Olp8dG4M7e6b1nOysXTbY75xgppVkFlXEEBIHow45QPDn6FpxYhKyvvIl-e78_Lf1UdGF0Vxkg&sig=Cg0ArKJSzEO7_sci71B8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://fa09a44907a4eca31e0858737ed8e049.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:24 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 18 Mar 2024 12:13:24 GMT
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9489	25 KB 12 KB	558ms 556ms	Document text/html	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1c83245fb5ea81de1384521fe9fdf5452a888e6c4b9a5e3abdfd1a8ad09e73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 12086 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:25 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	cast_sender.js Show response www.gstatic.com/eureka/clank/122/ Frame BF90	50 KB 15 KB	19ms 16ms	Script text/javascript	2607:f8b0:4004:c06::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/eureka/clank/122/cast_sender.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 16:04:39 GMT content-encoding gzip x-content-type-options nosniff age 72525 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14711 x-xss-protection 0 last-modified Mon, 15 Jan 2024 16:03:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="cloudview-release" vary Accept-Encoding report-to {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]} content-type text/javascript cache-control public, max-age=86400 accept-ranges bytes expires Mon, 18 Mar 2024 16:04:39 GMT
GET DATA	200 OK	truncated / Frame 2760	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67253b20add0c818bcceb704bae607b415efbadb4b428faf65960d2e837b6871 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H3	200	d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Show response pagead2.googlesyndication.com/bg/ Frame 51AF	52 KB 20 KB	17ms 15ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 11:49:40 GMT content-encoding br x-content-type-options nosniff age 260624 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20181 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 15 Mar 2025 11:49:40 GMT
GET H3	200	d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Show response pagead2.googlesyndication.com/bg/ Frame 6A52	52 KB 20 KB	16ms 16ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 11:49:40 GMT content-encoding br x-content-type-options nosniff age 260624 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20181 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 15 Mar 2025 11:49:40 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 1139	8 KB 6 KB	104ms 76ms	XHR application/json	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 20611c245464ffa191983c0ad3269384f9b16bd7432a1ea072e4063fa3ca0719 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5855 x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame BCC2	0 0	73ms 72ms	Fetch image/gif	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRmXmttdIBNTuxhMtx_bKdwDJoZtm3yrTMS1t0gSMicNrZ_DOvLpFK9hASa1ZvrRicGV1pX_60o6bjXo_rrwdKPtJw_ey6o3pc2-_J-jW5FjVYeWm89n_NpVUGj6Mnkwc03W9wBhtGEBHE7KWrydJw9tVCaPo3ewa8n6861l9YXbH4dpUTeWJ1CNOL5KnpQzTNvqZLlvPPDb1I94IniP7vFXFhvQvyfaCiPNqUuiVq6tksBz0q5HhaKrDosPjvdQTvVbMjPWHAYoVpwwh7uNuNuqZvPfymUoi-52aPggwl_SQ4_dTqmL0B14to5Gcn9euD_pF5XiUharv3YaobTnAq88r1peJ1Pp5BNSH9f762OQ9gmA&sai=AMfl-YQeVk2rmebPP_rlKBlnum4yZ5wKB_lmHwCr2OkI7Zz3jrqamki2jWo1HbIcpn2kNsDnsaAC28dd8vwbA-s9AWZSRV1Mplo42X7ZoOXDLQzczucp0NYKPKbUtKbO7A&sig=Cg0ArKJSzCL88ijufp0sEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 18 Mar 2024 12:13:25 GMT
GET H3	200	MuseoSans_100-webfont.woff2 s0.2mdn.net/creatives/assets/4466103/ Frame 1139	17 KB 17 KB	15ms 14ms	Font font/woff2	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_100-webfont.woff2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80517662352655810cd94d92070d02d75b231c2159cb5b92e6c9b6ceb1bea2d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13405564039765950464/style.css Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:11:22 GMT x-content-type-options nosniff age 123 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17148 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:00:19 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:26:22 GMT
GET H3	200	MuseoSans_700-webfont.woff2 s0.2mdn.net/creatives/assets/4466103/ Frame 1139	17 KB 17 KB	164ms 164ms	Font font/woff2	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_700-webfont.woff2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/13405564039765950464/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2408e86e87c5df52e8160530980e94acf40b083adb5f330abd9ad21b5b5f65e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/13405564039765950464/style.css Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17804 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:03:46 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:25 GMT
GET H3	200	bg_Einstein_994x250-1_sprite_loop.jpg_1695026509831_bg_Einstein_994x250-1_sprite_loop.jpg s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 1139	621 KB 621 KB	183ms 182ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/bg_Einstein_994x250-1_sprite_loop.jpg_1695026509831_bg_Einstein_994x250-1_sprite_loop.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2ca4809bb58dd7abc8fba1b8ec903491c7748a0d116d0cddbb6f7ab6659900eb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 636263 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:42:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	bg_Einstein_994x250-2_sprite_loop.jpg_1695026509831_bg_Einstein_994x250-2_sprite_loop.jpg s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 1139	618 KB 618 KB	182ms 181ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/bg_Einstein_994x250-2_sprite_loop.jpg_1695026509831_bg_Einstein_994x250-2_sprite_loop.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d26889f45a3c1df4e7d092ff5411f4ec7b16021b7adacb5d4ab9f6bd61f1fe0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 632505 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:41:58 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	bg_Einstein_994x250-3_sprite_loop.jpg_1695026509831_bg_Einstein_994x250-3_sprite_loop.jpg s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 1139	613 KB 614 KB	84ms 83ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/bg_Einstein_994x250-3_sprite_loop.jpg_1695026509831_bg_Einstein_994x250-3_sprite_loop.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f124772de384bd55715433695e6d32bb6cfc834eca655d65267ae90fa39b24b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 628157 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:42:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	blank.png_1695026509831_blank.png s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 1139	95 B 119 B	18ms 17ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/blank.png_1695026509831_blank.png Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:41:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	Most_Trusted_DE.png_1695026509831_Most_Trusted_DE.png s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 1139	16 KB 16 KB	52ms 51ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/Most_Trusted_DE.png_1695026509831_Most_Trusted_DE.png Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fabc70c55f40ea2f77fccc894b1b347219b5a8b03d3c9a5d14f49872573d4488 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/13405564039765950464/index.html?e=69&leftOffset=0&topOffset=0&c=mxpTjaRwAr&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16628 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:42:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	blank.png_1695026509831_blank.png s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 51A4	95 B 119 B	18ms 18ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/blank.png_1695026509831_blank.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:41:57 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	Most_Trusted_DE.png_1695026509831_Most_Trusted_DE.png s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 51A4	16 KB 16 KB	21ms 20ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/Most_Trusted_DE.png_1695026509831_Most_Trusted_DE.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fabc70c55f40ea2f77fccc894b1b347219b5a8b03d3c9a5d14f49872573d4488 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16628 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:42:20 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	MuseoSans_100-webfont.woff2 s0.2mdn.net/creatives/assets/4466103/ Frame 51A4	17 KB 17 KB	15ms 15ms	Font font/woff2	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_100-webfont.woff2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80517662352655810cd94d92070d02d75b231c2159cb5b92e6c9b6ceb1bea2d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/14044758527503761408/style.css Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:11:22 GMT x-content-type-options nosniff age 123 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17148 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:00:19 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:26:22 GMT
GET H3	200	MuseoSans_700-webfont.woff2 s0.2mdn.net/creatives/assets/4466103/ Frame 51A4	17 KB 17 KB	119ms 118ms	Font font/woff2	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4466103/MuseoSans_700-webfont.woff2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/14044758527503761408/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2408e86e87c5df52e8160530980e94acf40b083adb5f330abd9ad21b5b5f65e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/sadbundle/14044758527503761408/style.css Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17804 x-xss-protection 0 last-modified Thu, 17 Feb 2022 13:03:46 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:28:25 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 51A4	7 KB 6 KB	74ms 74ms	XHR application/json	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dc5d98e601376f023b72229505cdbb3488883573b81355529162f1d591a2f791 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5745 x-xss-protection 0
GET H3	200	bg_Einstein_320x600-1_sprite_loop.jpg_1695026509831_bg_Einstein_320x600-1_sprite_loop.jpg s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 51A4	563 KB 563 KB	140ms 139ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/bg_Einstein_320x600-1_sprite_loop.jpg_1695026509831_bg_Einstein_320x600-1_sprite_loop.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b7042d554869ac729918fc667d8a79a53684547c49eb2c51fdb0b010b4a3a811 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 576429 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:42:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	bg_Einstein_320x600-2_sprite_loop.jpg_1695026509831_bg_Einstein_320x600-2_sprite_loop.jpg s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 51A4	550 KB 550 KB	114ms 114ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/bg_Einstein_320x600-2_sprite_loop.jpg_1695026509831_bg_Einstein_320x600-2_sprite_loop.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 821aadaedc42306744dc630b6c31f8aca79b1bae9e48468d26ee76f1484e8457 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 563552 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:42:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	bg_Einstein_320x600-3_sprite_loop.jpg_1695026509831_bg_Einstein_320x600-3_sprite_loop.jpg s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/ Frame 51A4	544 KB 544 KB	173ms 172ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11111642/s0.2mdn.net/creatives/assets/4860974/bg_Einstein_320x600-3_sprite_loop.jpg_1695026509831_bg_Einstein_320x600-3_sprite_loop.jpg Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1d37eeb117fc0bd3ea7bdafb65a677dc4b07036c47c9c171b0eb13825693739c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/14044758527503761408/index.html?e=69&leftOffset=0&topOffset=0&c=KJUCRA7aox&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 557406 x-xss-protection 0 last-modified Mon, 18 Sep 2023 08:42:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 12:13:25 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 1139	17 KB 6 KB	33ms 33ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Mar 2024 12:13:25 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 51A4	17 KB 6 KB	24ms 23ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Mar 2024 12:13:25 GMT
GET H3	200	J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response pagead2.googlesyndication.com/bg/ Frame FD1D	40 KB 15 KB	18ms 17ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 02:45:35 GMT content-encoding br x-content-type-options nosniff age 34070 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15583 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 02:45:35 GMT
GET H3	200	J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response pagead2.googlesyndication.com/bg/ Frame 0E68	40 KB 15 KB	18ms 18ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 02:45:35 GMT content-encoding br x-content-type-options nosniff age 34070 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15583 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 02:45:35 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 6A52	0 20 B	74ms 74ms	Image image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bg1pa4i_4ZYyXL4XV0_wPifuv-AwAAAAAOAHgBAI&bg=!Pj2lPXLNAAb_2pXa39o7ADQBe5WfOCxSdHNVwj_34MHDggR5QLhJCfklKJxJp2yRmm79uH_A1gjJyBAEJZqCb2ENy1TQAgAAARlSAAAABWgBB5kC3vRIYKtU-gLkVthaA0YHtGKBRK7TUUyIa2w64_Fw9BgHNH82HKljS8iHH2j2c462AF9z2oFhyMm2DesJ_9mRmIC8OEIb7c4_gnWxmUdlo7jf90juJZi-kzxxv0Ayp8euqPVKDhCgIp-IJat-Bhvh1YffGF1uvNiPxwIPFtHGe9Law-I5ZZt_7-UE3BAU7kRNSH1aUaxh6F7K8PXzNT7Q0tAQg_YyYfnKDXozC_8MNTQ9zzhMeIQ47QkVHw9X7PVXRM16CrHrv3v9CnFPsFaO2ZGUjxm8tH3-3wlMs5Ez1kLkocuonEAPAxsgFAEtr3S0f_rTnUAFkVm9JfACjGWWFkax-1fS-33NgrPqGUkv8hbSEpP_vRXZynL-MVeelhermBk1XP_TwyS8e-ixbJXGnPYQ2jrbDqJBPlGgBjakndTD4NlkS5uRyyrblnVF3h-0s949V7coC1L2ic5Q5cVWCFclEyrQrQr41iu-8JsTZlgJjnDzDY70nLZ7WkmTXx5ZnOa-6eKEzUpC8iQ_tTKY7KvnaJVVDjbMrk8fgLZ-JM92JQdbbgZj9-7FrwhXz4DH80KVHQD3ozn8AC8aa9YF-hjYCQbzU3lMseHAQ1EfaRf5pnRmf-BBst530m0JpGBb-Zu89_vgkwtCLcRTpVnnIW2llU1H5RY1axBVxfbYFpLPdc7zpF4o768fd4g3WopzeXtgsFeT2PCQoqyvtsTiGTH0U8wClwbWikubBsE-aUkvJCizq8QrbcoNYBC5gdOo-dGK2698Pat5gqcQ8XCbMjohU0RIQzJSUzU-GGkO49X2ysSZht4_kVmiQ7a9p-dMW8WZiP48A70SeJmizIBAwDJ3ffjoUJBmnjAVMpTln7B8mZJXsb5ZyPUsaSpDxgEYx0jN9BbOifakAo5XGkzdrdyDnzKJegIraL_lAwVudrYLf8cm-FkRmrpVH3NcIOoFmbNMRtuSNDo0vncVN3MG Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 51AF	0 20 B	73ms 72ms	Image image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRUVu4i_4ZcuUL6SPut0P-L60gAgAAAAAOAHgBAI&bg=!fn2lfTLNAAb_2pXa39o7ADQBe5WfOP3VTtq2GFOvtCY1IEAL2Luuj9iPKFl-rZCezrGrYUYJU0JS8xOfCInkOiX3_FW3AgAAAU9SAAAAA2gBB5kC2mP2SGOuz6SQGFlz6Ys70I6Dv-lXtktct3WkwqV-lilpXY5MtBEm6_jqaVlNmkHh_KrfpAjymSM8J1Ir103LR4Cqsh59P2NPkkM9-QjKT3hoSElsTELZy2cLlJC-00vUv7IFRU6QjqbE_5iaFZ24MrhUKxle1Z2tqyjuqIyuoVyPXPBXU_db1NxssqEUvgvDagzDMqDGV6GLVo1cXui3vA4KAB1EsaIDkVNIcPEl3uTdQ9njWAaBh3HyNCRr5grl7pVlCKUdmXWjvGhtFpnmSvhA9BrdzWHKFkcjmgx1OQmkUbkVxG1JILKukI3EAvANDMz1eBQnSV-dOrFwYM0GzvWMpnJU0ZJZpPCrhu8Xisy5zbi8YMF6WwLiphNj3HTcN01FgM1Refa1n_Dke_VNbRXeZ-I9Ei0fl1X0YFaBqaCMoNqFVwH3V6-VhBrBZeD-CqFncgLPpOWGVrPZlZcdyZfbfSgYsYpOBkCcPNBFTm4c7cIkt4Thr5kB0tNd9hvrgrTCpncihp4dcoTB7JFE6gd0dvyt1HmI8fFFZrLYtrUOobhOVzFsYF4oIFOsrhRQkd8QZvHxoIlZN0R3JeiMjAPageayKjZR6miw-DtWoxF0WOlJmYZnbForXiSdT53YNe0197uQjQjVBv6JysdcYuFdLSJvucATlosR5S3TQgGFBqcFcH6sL6SbxqSmJcj38wTvrgBSqfZVg5kZWa9XinHc_zXAIzKr3PDPhV9q7HgGNxs_DvqnbC-JcgmeU40u4URiyNudCoi8hWzG-HOeHVLie3e9zLEG1NecaUcmGxH8xF6sKgboPQcbgMkLb0cU0_PU7q_Ls1QhvxZOJ_5FgLrmHhIyLidZCtTRxp7SGWkYfxgvlEcNmZ2Q7h4u9fJpTAFgXF23vSUClHwEOeLo0HavLdlMyNCdobmuVpIM3INjdqrRnz_OdkGsoeUHByWmXOmuUy_2AZUQx4c Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9489	42 B 63 B	74ms 73ms	Image image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPMBKKCliByhB0k39UAz9d0bbYfWv55fEEC92wIJEvJjTco8xqt5X0sIpbsEpip7HyBTfooSyA3hPIdKSRGdT5M-SlzxYXtEieT8K9_48R5Odpav4 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 9489	94 KB 33 KB	85ms 84ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33555 x-xss-protection 0 server cafe etag 7173713561822972903 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Mon, 18 Mar 2024 12:13:25 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 9489	3 KB 1 KB	16ms 15ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 18:03:09 GMT content-encoding br x-content-type-options nosniff age 65416 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 31 Mar 2024 18:03:09 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/ Frame 9489	20 KB 8 KB	16ms 15ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240313/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 18:03:09 GMT content-encoding br x-content-type-options nosniff age 65416 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8219 x-xss-protection 0 server cafe etag 17239101513064691842 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 31 Mar 2024 18:03:09 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 9489	0 0	27ms 27ms	Image text/html	2607:f8b0:4004:c06::63 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT38oi0Vb0FOq9a1QWJBIeu7jA-KOesppMjvdXjEbJKOx4DD6NJ1bMpQlg_3Xs2q7F7ggbe-XCTp9kAR079DwyLG_Mn4g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9489	208 KB 63 KB	15ms 14ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3edca7294f70460740b307b1b70e7356a6165cb7a76c774f65398d0d052ac8c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:13:42 GMT content-encoding br x-content-type-options nosniff age 3583 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64315 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 18 Mar 2024 12:13:42 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 5338	624 B 242 B	76ms 76ms	Document text/html	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRCqmOjhBBjF15j0ATAB&v=APEucNU8i5XjVlKzuHVlONi4Sd3GTLMgz2XFuJ0BwcxjGKCn-x8bK-5vQhqT_bBt1PUWJWJbK-52RkDrFA-rCE2K277m82honQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:25 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2F87	42 B 64 B	71ms 71ms	Fetch image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRMCxM00cUnDqcByZhh19ao4_rfm5FppFJn4KYkowXVq5lur5HfDHNPBp2iPyQFWHpQY2ssWKEFT0IpC7QDl-cU1s0a7ZAnq6dZCtMsjES_dknShTAYco43LcO6CsOtKk_TgdCDkmUQGFchnGCUet6fI-meTkmrFIwY5DpNd45CZn6-DZMiLDdm7KY_zH0yQ_pL_v7Oy7qCAzyHGL7G9cR00Pt5TniIN4xAaA&sig=Cg0ArKJSzC-GGZkTPTErEAE&id=lidar2&mcvt=1013&p=4,15,122,1009&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20240313&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2411943002&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=669680400&rst=1710764003760&rpt=702&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	log_event Show response www.youtube.com/youtubei/v1/ Frame BF90	28 B 50 B	26ms 26ms	XHR application/json	2607:f8b0:4004:c17::5d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/d552837c/www-embed-player.vflset/www-embed-player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c17::5d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software scaffolding on HTTPServer2 / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 X-Goog-Request-Time 1710764005579 Content-Type application/json X-YouTube-Utc-Offset -600 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/AzaHzrXj2XE?rel=0&amp;showinfo=0 X-YouTube-Client-Version 1.20240312.01.00 X-YouTube-Time-Zone Pacific/Honolulu X-Goog-Visitor-Id CgtUTUZ3dnZCcmhyOCjh3-CvBjIKCgJVUxIEGgAgDQ%3D%3D X-YouTube-Ad-Signals dt=1710764002337&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C480%2C270&vis=1&wgl=true&ca_type=image&bid=ANyPxKppPbMGJfjebhzbEGKkcZz1lf0DZUYJIL_AtpOtY1FLpj5Jn3jtoxW6D1eSyuw4G994QAj2eknkiMGens8ooAJPj37ssA Response headers date Mon, 18 Mar 2024 12:13:25 GMT content-encoding br x-content-type-options nosniff server scaffolding on HTTPServer2 x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31 x-xss-protection 0
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 5338 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcEmD0N1UB5YFyei9mcGlk&google_cver=1	43 B 775 B	25ms 25ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcEmD0N1UB5YFyei9mcGlk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRCqmOjhBBjF15j0ATAB&v=APEucNU8i5XjVlKzuHVlONi4Sd3GTLMgz2XFuJ0BwcxjGKCn-x8bK-5vQhqT_bBt1PUWJWJbK-52RkDrFA-rCE2K277m82honQ Protocol H3 Server 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNDweztAdx3Xzm3NR7Hr7PxJC36sq%2F%2BQXb58du8YZyBbqZUsS5ISzHyJc%2BNNjRy66H5u5By57wdHPgCbDl%2BoXULWxcE5RgHyyk3%2FOdtEkbbB8%2FhdvlsQMvcc6X%2FrcBRQgngALKcSbFSPrQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 866522fbaf0542ad-EWR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcEmD0N1UB5YFyei9mcGlk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 5338 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zfgv5dHM6GYAABtDAHiwoQAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcEmD0N1UB5YFyei9mcGlk&google_cver=1	43 B 735 B	23ms 23ms	Image image/gif	172.64.151.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcEmD0N1UB5YFyei9mcGlk&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRCqmOjhBBjF15j0ATAB&v=APEucNU8i5XjVlKzuHVlONi4Sd3GTLMgz2XFuJ0BwcxjGKCn-x8bK-5vQhqT_bBt1PUWJWJbK-52RkDrFA-rCE2K277m82honQ Protocol H3 Server 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdcGGp72Vqv2dVXrv4nNDzbW3rxnQKaJ8vADTbE5VMnr0mVLJyXF9bUB7m9%2BRags3Ztu%2BVr82MISV8ziZH%2FRKaLI1X2WQmSHtsv1myKLMYE08PGdBe8DMGcGgPMCLSKOjS%2FQ7MFMKXWgZA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 866522fbef4442ad-EWR alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKcEmD0N1UB5YFyei9mcGlk&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 5338 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEN-qvH2hnA0mnXzsCLsirk4&google_cver=1	43 B 1 KB	21ms 20ms	Image image/gif	68.67.161.182 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEN-qvH2hnA0mnXzsCLsirk4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRCqmOjhBBjF15j0ATAB&v=APEucNU8i5XjVlKzuHVlONi4Sd3GTLMgz2XFuJ0BwcxjGKCn-x8bK-5vQhqT_bBt1PUWJWJbK-52RkDrFA-rCE2K277m82honQ Protocol H2 Server 68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT an-x-request-uuid 13f8ad5e-9c48-4dd6-ac57-918ef8962eb0 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 5.181.234.134; 5.181.234.134; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEN-qvH2hnA0mnXzsCLsirk4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 5338 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIxODcyNzkyOTM1NDA1NTIx	170 B 188 B	31ms 31ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIxODcyNzkyOTM1NDA1NTIx Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfKHRCqmOjhBBjF15j0ATAB&v=APEucNU8i5XjVlKzuHVlONi4Sd3GTLMgz2XFuJ0BwcxjGKCn-x8bK-5vQhqT_bBt1PUWJWJbK-52RkDrFA-rCE2K277m82honQ Protocol H3 Server 142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT an-x-request-uuid 4253ab87-4ed1-4e70-afdd-6ba422c5c814 server nginx/1.23.4 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTIxODcyNzkyOTM1NDA1NTIx x-proxy-origin 5.181.234.134; 5.181.234.134; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9489	0 20 B	72ms 72ms	Ping image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3316502855756&version=m202402290101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9489	0 20 B	70ms 70ms	Ping image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3316502855756&version=m202402290101&ct=76&x=1&cor=2838096041274420000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 9489	127 KB 43 KB	78ms 77ms	Script text/javascript	2607:f8b0:4004:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqaUidFxKUfkjKbjDYJttXrCneFpnfnL0I8e7DvyKpuUAs0MkH6Mv3g7Mcw-HBiggampmvkntWP8onrXuamFPOG-2ghGI9Rt8IXVz8pnel5LHMYiC9wWUj2cTnptjqTB1DNcQ4PBVJgwAkY2trgydaJtgFA-zgrIs6WhcLzdD3cr4Qd6ya3pqR6PsaG3CoQ-YpZduNVAK7XYs5VoIdZs7sGjkowQ&dbm_d=AKAmf-D-H7I756zxhEmXNQI-DhTg3wnhAppTRyQlCVrW2BTJCsZm7xPMS7K7fd3r90B82uo89FL0m0LrtRK6Qf7j45fM0yTJhtfoxmbPkOkYJ-n1pFkcW_Xt50mxAIYRR5fKjiSd7EXEc5T4RikEOsW5LtZCREBuvs4gTuASljFT_wEOLDQKsij7EVu9QaVIctYmNO4WX79uN-Q7nXa9xgq569YgOFY8F6xdFMjemMif2M1KfW7nnATVh1Ph7wsER14K2yD0J9c3ewOM4OSazyzPCrGP_KRX3uozYBWFoF4qSwoTySnncrezJINnezPHujljJJYBItlCrF6gn-trcWrx1-xoXgm85SlO75L21cWcbxf-7wLBf66E8q2-oLtXu7GIJRsv8AZ2C_hi_3hCJRSSmqzENhKzQInejG8fK0Suhj9-qmH_BAwKygktZ1bQ2cqrGS3sGD81_r8T9ceZBoEJvXDBj91EmJSHipDWa3HVgvbWjAceMbs4Ir38BnEsBO8A9uYunpMWeExtnC1k-VgN8jyfr5q9kjtix4NvA3ruKp7cZfJust_Mv2wv1pduN6551lLmFWM9g74lrA42aMjJJhh7R1HHzTYAioNHsBN4WfLRKDiURJJFNK-AvkebUSOGaISb4KQlwqt4TT08b_wMh8JWn47uHlQC_2mPQC9clZZC2HWdFtcdAcImNbi4UVExXMaQNTyBuUHFBPH6EuR0E_LquhErXcXkypJRNsiXMQCwYxIGnl5JPFsuov0_gNTBZGY4kkNSOKUFxOVU0jW6c6CBrKUj74aSE05Ksugo64zzob53QyXjBIkrcDTspZ_8AWHS146CuWeeTNrfGSoUZMtbSd9E_a-I6zYqkG9ISQdTg3oDdfqcQ1Ye_aq0cd3_3xEODmWF_CuQmtZx4DQV-vtanQzYkMjBG7EHrBRjMzSPoPPDuZ7FkgntsJpLQoyUmQdfPku6vhAgvodKlZO2xIvmmbRloz_rMCjMr-EpDXHMrt8JfkE0QBTbRLJsNOZvg9xFvnZM3VjBgCggiCLl6Giqvx9f0PyeEsWBwOmCArgoiykk0BRUysQKjNZ3xHS49gaPVRGnT_RXV5FE3zjsBLReRORkKWrupgSbbpBmEX0By30oEIPuLMHgJhc8bnx4jmHqd2ZFP5BB8PuMmMGH7icPIQPb7VTEmUGMvoLgj95SBoz3qRFCq8BlNQLsNHGI79FxmpPdJoV99lFCfKtYpHqS4OgXfge3aYtk9g3KG-vvvp0KJPZr76vARTbKNzmIZLh8VJ3R7C8WY_AEcaMKddgKASOQr3yDutmZ4FEIRvSND2gTXVgG6fTBSAnil9c1lyJbNUi18DR9vhNnddp72O7SeNDJ4hX_DJd6lBmRME6CBGF-To0okGkrvA2wv5cTV_lyPTdpQgUpoHI2AA5CJpdKDSJatZBC9n5Skd-yakgS6HKUc_6xSpBladju1kv2ywUzd_2RP1Lb12uweoANepMIHM-88yW_B_3i9bsOUmyasciSMhSE1u852IVVQBf4E8c8CBr9mDtqSNoiUbA7UMVx6a0uytzauAKPCdQGgeza7UZZbQM0Cp26UmJKVFPUagQNvtscC4W5F87PXIh9JdiuuccuCfKaLua53WWQh0vbGjS52sqj62FdVVYpjQaemCyanh2F9IRmnv_Kqf61dR50ws5RNx-0ZgOb8W961iZtikOPvK1KXZ1FAh3x-IaSL9xYzfweImoEoZrYE-6MlUrAplg7rggmYzQlrzKIvCs_PsP8JwellF3FZFrTf3NJw272L3J09WI7P5PQMGs5eEgV0oQwPUnF74QUjBvwG-_GdN3lrMmV-2h3ld52wRlgXzGXRwbnJOi5Btz9JN7h9T5IEJeiSocn6VLnWqLNiJQaMbDJOifrPZ32xJh6ePZqtJNuMEAPcgyC18pfPNA_VW8vJlJ6GSenWuvr1L8a1Ov0YdGU-V-tnVw6nrlJ9U84OUSSzMMmoZHVeeY1B-_YvcAzUCYYVQigWl7GQKOjqW_OQj-0wu4CGLIsJ4zyfjTjIek_WPRneOr4WdA5tSeRTyK5h2vKUl_cp_Jbo-gZ7D-Dl8Az-QWrsF__KDiP-dOEjwas3j76_C-MUozWZWvJ6Z0F8LNQeFtGl_IoDJb8JPYtMefD_fI_vGlBeXswJfvx0OeTN4Y8MJ8SiUcpQ_K8U5iVjevIkl21Vcgs4aDhxOsv39um8vkls9FKmZu5Hn39novrfMU2dukkzHfj7ZuEL9B22wq6yDhB7rzdecVTzv8UDfDHZ6jL6WHslfIRJQqU5FnHdwBxuA5pY_I1WfXqItOr6Iy65drQDa5vamaeN4ntw3TYZLzzUZH65HhHep0bqHk8tarYG7D5jQ3Oa2VqIpeY_xSxNBhxAZvq7JycVnIBZy87a5RIYbHj5nanspo9Z1H2rvsyd_5xgC5zAcV4lQU2HiCBncx7RAwrV_h7a5uVNf5WQQgRORRfjfZZ0_n4eN_flQuCTKfRTi9bVgTW8-eF99QRa6Svk0ARhd2ZQGaygJ0OhODjW9nopPp07cajoBupQGEUnzdK4Prs8WcaA3gyUJW-b1Qegpo0WJme6pxUxJoD2bKgevrY1TaftE_tyZmAgDE4SngVTQIfWenxza0mjtp2h3aB5PszKre4KQFrS-6a7fOTcfI3GjglOX2jY16HPsAQMb5AybwueRw_sCBFfNkcUmQuB3A3tQXQSSQv3zzvmXHCqhjIlo85fvtcZ-wfatrIox7LEiwnEid8DhVsBSHxlTxroSeEP0TFUFPbWHVYMUFDgJ6Tmo_E3GH6ioUT30djV1LtgfBE6T84rVCeTUqovQxsg3UUm6z7YFAk3PuYQSpNjsxL_ry1QqdNjSht7RQABpiU1sk5dvQgcbTEf4sJsptNA2lxXZNBYqALJgvU7RYeXYgZYzGiF9tSRvF-JuL70sR_bxziT11oHs_-qC9pDs5R9o8yQ1clFYErKxQnzXuK6h-_h0dNXSMIGrT_3CYyey_1KU5CAiVjqwejdg5x9U_A_3Z70QQht0Z9yCYs8N_AGtazNGiqm2Z8hMaBzLdhEX2YYTRA00-LJkt8Q08X0X0LEuEuc7mZgLmWONoBWT5WptyS7Z739y9mHazI5VrwsihPbCp4nWNH6ZHC0DTKc8uBpsmIMdEmBHNn3PbfDZiCnrBFXmjIUIFrIorYUShz-85qCJDsLzACzv8-nMV3JhakdoXIPzyMUAUJNYBkb-6Ke7lY-0T798hvZQ5MUARLFaMUDghK_m2tDZY0nZZE9veP_4kJrsKqFph2kf_DS5C9xr3IsUt546fTVT3M4WzaDyDMw2nOL0LAhRUE0zjOvWpaIFxukvaLwLtmf4qZNlm-MYjfnLNa_3JMPpCqb6i9gCRREvzoKkT4vD68auzUE9MwfQpoULnAwPOFYF86UN6v2y0FwnbQ9sLLEbjLoAMBltjKqEYmwztVOlIbdDC7XuGxibKyUfbghoVHhX6W7_p8dZ10-CYHzkbjdCqTBciUzLfitSA1nxW06n4EUNJJ5ilLpqUuTHqi0vZt81hrWckLlU3Snz0YFqngJuABqIztNjNLUCx6V__5UA-c-02TGWNwdpQ-Q4sEvL1vJppNBTKB3TWNPBUS5Rb0d9XPhep2fB40keiql438LhRod7T2V_Y9E14XcRZgTB1IgAmSH8lPfXcEv6JxN69kCWTW9NmA_-3ZUpAaHtWgT5oCvFiBO2mnu4xJYSU_snk4hZNHu_Wt5Nkc54ysJw6f2t0HliLA&cid=CAQSOwB7FLtq9MVNT0b1ek6tWSMZ22xZk4-3VLLQo2jr2abX_RgbT9mGuZm4xtexYqM-OrYb4nxCfJh4nidSGAE&dv3_ver=m202402290101&rfl=https%3A%2F%2Fwww.bonus.ch&ds=l&xdt=1&iif=1&cor=2838096041274420000&adk=1761367584&idt=113&cac=0&dtd=37 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::9d Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 152cfdc1e8e9a7657ce1440a87941960826e95f48111221f23f8c44604d69717 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44411 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1608565/73384177/ Frame 9489	271 KB 79 KB	83ms 18ms	Script application/javascript	35.169.239.163 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1608565/73384177/skeleton.js?bundleId=${BUNDLE_ID}&bidurl=https://www.bonus.ch/ Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.169.239.163 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-239-163.compute-1.amazonaws.com Software / Resource Hash 2d824f28bb50e0c525f1d0de07d4d1fc576b2d801d0dbda9343b69e29415b231 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 9489	172 KB 60 KB	16ms 16ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 22:00:12 GMT content-encoding gzip x-content-type-options nosniff age 51193 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61485 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:43:57 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 22:00:12 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/ Frame 9489	12 KB 4 KB	16ms 16ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqaUidFxKUfkjKbjDYJttXrCneFpnfnL0I8e7DvyKpuUAs0MkH6Mv3g7Mcw-HBiggampmvkntWP8onrXuamFPOG-2ghGI9Rt8IXVz8pnel5LHMYiC9wWUj2cTnptjqTB1DNcQ4PBVJgwAkY2trgydaJtgFA-zgrIs6WhcLzdD3cr4Qd6ya3pqR6PsaG3CoQ-YpZduNVAK7XYs5VoIdZs7sGjkowQ&dbm_d=AKAmf-D-H7I756zxhEmXNQI-DhTg3wnhAppTRyQlCVrW2BTJCsZm7xPMS7K7fd3r90B82uo89FL0m0LrtRK6Qf7j45fM0yTJhtfoxmbPkOkYJ-n1pFkcW_Xt50mxAIYRR5fKjiSd7EXEc5T4RikEOsW5LtZCREBuvs4gTuASljFT_wEOLDQKsij7EVu9QaVIctYmNO4WX79uN-Q7nXa9xgq569YgOFY8F6xdFMjemMif2M1KfW7nnATVh1Ph7wsER14K2yD0J9c3ewOM4OSazyzPCrGP_KRX3uozYBWFoF4qSwoTySnncrezJINnezPHujljJJYBItlCrF6gn-trcWrx1-xoXgm85SlO75L21cWcbxf-7wLBf66E8q2-oLtXu7GIJRsv8AZ2C_hi_3hCJRSSmqzENhKzQInejG8fK0Suhj9-qmH_BAwKygktZ1bQ2cqrGS3sGD81_r8T9ceZBoEJvXDBj91EmJSHipDWa3HVgvbWjAceMbs4Ir38BnEsBO8A9uYunpMWeExtnC1k-VgN8jyfr5q9kjtix4NvA3ruKp7cZfJust_Mv2wv1pduN6551lLmFWM9g74lrA42aMjJJhh7R1HHzTYAioNHsBN4WfLRKDiURJJFNK-AvkebUSOGaISb4KQlwqt4TT08b_wMh8JWn47uHlQC_2mPQC9clZZC2HWdFtcdAcImNbi4UVExXMaQNTyBuUHFBPH6EuR0E_LquhErXcXkypJRNsiXMQCwYxIGnl5JPFsuov0_gNTBZGY4kkNSOKUFxOVU0jW6c6CBrKUj74aSE05Ksugo64zzob53QyXjBIkrcDTspZ_8AWHS146CuWeeTNrfGSoUZMtbSd9E_a-I6zYqkG9ISQdTg3oDdfqcQ1Ye_aq0cd3_3xEODmWF_CuQmtZx4DQV-vtanQzYkMjBG7EHrBRjMzSPoPPDuZ7FkgntsJpLQoyUmQdfPku6vhAgvodKlZO2xIvmmbRloz_rMCjMr-EpDXHMrt8JfkE0QBTbRLJsNOZvg9xFvnZM3VjBgCggiCLl6Giqvx9f0PyeEsWBwOmCArgoiykk0BRUysQKjNZ3xHS49gaPVRGnT_RXV5FE3zjsBLReRORkKWrupgSbbpBmEX0By30oEIPuLMHgJhc8bnx4jmHqd2ZFP5BB8PuMmMGH7icPIQPb7VTEmUGMvoLgj95SBoz3qRFCq8BlNQLsNHGI79FxmpPdJoV99lFCfKtYpHqS4OgXfge3aYtk9g3KG-vvvp0KJPZr76vARTbKNzmIZLh8VJ3R7C8WY_AEcaMKddgKASOQr3yDutmZ4FEIRvSND2gTXVgG6fTBSAnil9c1lyJbNUi18DR9vhNnddp72O7SeNDJ4hX_DJd6lBmRME6CBGF-To0okGkrvA2wv5cTV_lyPTdpQgUpoHI2AA5CJpdKDSJatZBC9n5Skd-yakgS6HKUc_6xSpBladju1kv2ywUzd_2RP1Lb12uweoANepMIHM-88yW_B_3i9bsOUmyasciSMhSE1u852IVVQBf4E8c8CBr9mDtqSNoiUbA7UMVx6a0uytzauAKPCdQGgeza7UZZbQM0Cp26UmJKVFPUagQNvtscC4W5F87PXIh9JdiuuccuCfKaLua53WWQh0vbGjS52sqj62FdVVYpjQaemCyanh2F9IRmnv_Kqf61dR50ws5RNx-0ZgOb8W961iZtikOPvK1KXZ1FAh3x-IaSL9xYzfweImoEoZrYE-6MlUrAplg7rggmYzQlrzKIvCs_PsP8JwellF3FZFrTf3NJw272L3J09WI7P5PQMGs5eEgV0oQwPUnF74QUjBvwG-_GdN3lrMmV-2h3ld52wRlgXzGXRwbnJOi5Btz9JN7h9T5IEJeiSocn6VLnWqLNiJQaMbDJOifrPZ32xJh6ePZqtJNuMEAPcgyC18pfPNA_VW8vJlJ6GSenWuvr1L8a1Ov0YdGU-V-tnVw6nrlJ9U84OUSSzMMmoZHVeeY1B-_YvcAzUCYYVQigWl7GQKOjqW_OQj-0wu4CGLIsJ4zyfjTjIek_WPRneOr4WdA5tSeRTyK5h2vKUl_cp_Jbo-gZ7D-Dl8Az-QWrsF__KDiP-dOEjwas3j76_C-MUozWZWvJ6Z0F8LNQeFtGl_IoDJb8JPYtMefD_fI_vGlBeXswJfvx0OeTN4Y8MJ8SiUcpQ_K8U5iVjevIkl21Vcgs4aDhxOsv39um8vkls9FKmZu5Hn39novrfMU2dukkzHfj7ZuEL9B22wq6yDhB7rzdecVTzv8UDfDHZ6jL6WHslfIRJQqU5FnHdwBxuA5pY_I1WfXqItOr6Iy65drQDa5vamaeN4ntw3TYZLzzUZH65HhHep0bqHk8tarYG7D5jQ3Oa2VqIpeY_xSxNBhxAZvq7JycVnIBZy87a5RIYbHj5nanspo9Z1H2rvsyd_5xgC5zAcV4lQU2HiCBncx7RAwrV_h7a5uVNf5WQQgRORRfjfZZ0_n4eN_flQuCTKfRTi9bVgTW8-eF99QRa6Svk0ARhd2ZQGaygJ0OhODjW9nopPp07cajoBupQGEUnzdK4Prs8WcaA3gyUJW-b1Qegpo0WJme6pxUxJoD2bKgevrY1TaftE_tyZmAgDE4SngVTQIfWenxza0mjtp2h3aB5PszKre4KQFrS-6a7fOTcfI3GjglOX2jY16HPsAQMb5AybwueRw_sCBFfNkcUmQuB3A3tQXQSSQv3zzvmXHCqhjIlo85fvtcZ-wfatrIox7LEiwnEid8DhVsBSHxlTxroSeEP0TFUFPbWHVYMUFDgJ6Tmo_E3GH6ioUT30djV1LtgfBE6T84rVCeTUqovQxsg3UUm6z7YFAk3PuYQSpNjsxL_ry1QqdNjSht7RQABpiU1sk5dvQgcbTEf4sJsptNA2lxXZNBYqALJgvU7RYeXYgZYzGiF9tSRvF-JuL70sR_bxziT11oHs_-qC9pDs5R9o8yQ1clFYErKxQnzXuK6h-_h0dNXSMIGrT_3CYyey_1KU5CAiVjqwejdg5x9U_A_3Z70QQht0Z9yCYs8N_AGtazNGiqm2Z8hMaBzLdhEX2YYTRA00-LJkt8Q08X0X0LEuEuc7mZgLmWONoBWT5WptyS7Z739y9mHazI5VrwsihPbCp4nWNH6ZHC0DTKc8uBpsmIMdEmBHNn3PbfDZiCnrBFXmjIUIFrIorYUShz-85qCJDsLzACzv8-nMV3JhakdoXIPzyMUAUJNYBkb-6Ke7lY-0T798hvZQ5MUARLFaMUDghK_m2tDZY0nZZE9veP_4kJrsKqFph2kf_DS5C9xr3IsUt546fTVT3M4WzaDyDMw2nOL0LAhRUE0zjOvWpaIFxukvaLwLtmf4qZNlm-MYjfnLNa_3JMPpCqb6i9gCRREvzoKkT4vD68auzUE9MwfQpoULnAwPOFYF86UN6v2y0FwnbQ9sLLEbjLoAMBltjKqEYmwztVOlIbdDC7XuGxibKyUfbghoVHhX6W7_p8dZ10-CYHzkbjdCqTBciUzLfitSA1nxW06n4EUNJJ5ilLpqUuTHqi0vZt81hrWckLlU3Snz0YFqngJuABqIztNjNLUCx6V__5UA-c-02TGWNwdpQ-Q4sEvL1vJppNBTKB3TWNPBUS5Rb0d9XPhep2fB40keiql438LhRod7T2V_Y9E14XcRZgTB1IgAmSH8lPfXcEv6JxN69kCWTW9NmA_-3ZUpAaHtWgT5oCvFiBO2mnu4xJYSU_snk4hZNHu_Wt5Nkc54ysJw6f2t0HliLA&cid=CAQSOwB7FLtq9MVNT0b1ek6tWSMZ22xZk4-3VLLQo2jr2abX_RgbT9mGuZm4xtexYqM-OrYb4nxCfJh4nidSGAE&dv3_ver=m202402290101&rfl=https%3A%2F%2Fwww.bonus.ch&ds=l&xdt=1&iif=1&cor=2838096041274420000&adk=1761367584&idt=113&cac=0&dtd=37 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:02:39 GMT content-encoding br x-content-type-options nosniff age 646 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4383 x-xss-protection 0 server cafe etag 1583492410672046836 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 01 Apr 2024 12:02:39 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/ Frame 9489	30 KB 11 KB	15ms 14ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240313/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqaUidFxKUfkjKbjDYJttXrCneFpnfnL0I8e7DvyKpuUAs0MkH6Mv3g7Mcw-HBiggampmvkntWP8onrXuamFPOG-2ghGI9Rt8IXVz8pnel5LHMYiC9wWUj2cTnptjqTB1DNcQ4PBVJgwAkY2trgydaJtgFA-zgrIs6WhcLzdD3cr4Qd6ya3pqR6PsaG3CoQ-YpZduNVAK7XYs5VoIdZs7sGjkowQ&dbm_d=AKAmf-D-H7I756zxhEmXNQI-DhTg3wnhAppTRyQlCVrW2BTJCsZm7xPMS7K7fd3r90B82uo89FL0m0LrtRK6Qf7j45fM0yTJhtfoxmbPkOkYJ-n1pFkcW_Xt50mxAIYRR5fKjiSd7EXEc5T4RikEOsW5LtZCREBuvs4gTuASljFT_wEOLDQKsij7EVu9QaVIctYmNO4WX79uN-Q7nXa9xgq569YgOFY8F6xdFMjemMif2M1KfW7nnATVh1Ph7wsER14K2yD0J9c3ewOM4OSazyzPCrGP_KRX3uozYBWFoF4qSwoTySnncrezJINnezPHujljJJYBItlCrF6gn-trcWrx1-xoXgm85SlO75L21cWcbxf-7wLBf66E8q2-oLtXu7GIJRsv8AZ2C_hi_3hCJRSSmqzENhKzQInejG8fK0Suhj9-qmH_BAwKygktZ1bQ2cqrGS3sGD81_r8T9ceZBoEJvXDBj91EmJSHipDWa3HVgvbWjAceMbs4Ir38BnEsBO8A9uYunpMWeExtnC1k-VgN8jyfr5q9kjtix4NvA3ruKp7cZfJust_Mv2wv1pduN6551lLmFWM9g74lrA42aMjJJhh7R1HHzTYAioNHsBN4WfLRKDiURJJFNK-AvkebUSOGaISb4KQlwqt4TT08b_wMh8JWn47uHlQC_2mPQC9clZZC2HWdFtcdAcImNbi4UVExXMaQNTyBuUHFBPH6EuR0E_LquhErXcXkypJRNsiXMQCwYxIGnl5JPFsuov0_gNTBZGY4kkNSOKUFxOVU0jW6c6CBrKUj74aSE05Ksugo64zzob53QyXjBIkrcDTspZ_8AWHS146CuWeeTNrfGSoUZMtbSd9E_a-I6zYqkG9ISQdTg3oDdfqcQ1Ye_aq0cd3_3xEODmWF_CuQmtZx4DQV-vtanQzYkMjBG7EHrBRjMzSPoPPDuZ7FkgntsJpLQoyUmQdfPku6vhAgvodKlZO2xIvmmbRloz_rMCjMr-EpDXHMrt8JfkE0QBTbRLJsNOZvg9xFvnZM3VjBgCggiCLl6Giqvx9f0PyeEsWBwOmCArgoiykk0BRUysQKjNZ3xHS49gaPVRGnT_RXV5FE3zjsBLReRORkKWrupgSbbpBmEX0By30oEIPuLMHgJhc8bnx4jmHqd2ZFP5BB8PuMmMGH7icPIQPb7VTEmUGMvoLgj95SBoz3qRFCq8BlNQLsNHGI79FxmpPdJoV99lFCfKtYpHqS4OgXfge3aYtk9g3KG-vvvp0KJPZr76vARTbKNzmIZLh8VJ3R7C8WY_AEcaMKddgKASOQr3yDutmZ4FEIRvSND2gTXVgG6fTBSAnil9c1lyJbNUi18DR9vhNnddp72O7SeNDJ4hX_DJd6lBmRME6CBGF-To0okGkrvA2wv5cTV_lyPTdpQgUpoHI2AA5CJpdKDSJatZBC9n5Skd-yakgS6HKUc_6xSpBladju1kv2ywUzd_2RP1Lb12uweoANepMIHM-88yW_B_3i9bsOUmyasciSMhSE1u852IVVQBf4E8c8CBr9mDtqSNoiUbA7UMVx6a0uytzauAKPCdQGgeza7UZZbQM0Cp26UmJKVFPUagQNvtscC4W5F87PXIh9JdiuuccuCfKaLua53WWQh0vbGjS52sqj62FdVVYpjQaemCyanh2F9IRmnv_Kqf61dR50ws5RNx-0ZgOb8W961iZtikOPvK1KXZ1FAh3x-IaSL9xYzfweImoEoZrYE-6MlUrAplg7rggmYzQlrzKIvCs_PsP8JwellF3FZFrTf3NJw272L3J09WI7P5PQMGs5eEgV0oQwPUnF74QUjBvwG-_GdN3lrMmV-2h3ld52wRlgXzGXRwbnJOi5Btz9JN7h9T5IEJeiSocn6VLnWqLNiJQaMbDJOifrPZ32xJh6ePZqtJNuMEAPcgyC18pfPNA_VW8vJlJ6GSenWuvr1L8a1Ov0YdGU-V-tnVw6nrlJ9U84OUSSzMMmoZHVeeY1B-_YvcAzUCYYVQigWl7GQKOjqW_OQj-0wu4CGLIsJ4zyfjTjIek_WPRneOr4WdA5tSeRTyK5h2vKUl_cp_Jbo-gZ7D-Dl8Az-QWrsF__KDiP-dOEjwas3j76_C-MUozWZWvJ6Z0F8LNQeFtGl_IoDJb8JPYtMefD_fI_vGlBeXswJfvx0OeTN4Y8MJ8SiUcpQ_K8U5iVjevIkl21Vcgs4aDhxOsv39um8vkls9FKmZu5Hn39novrfMU2dukkzHfj7ZuEL9B22wq6yDhB7rzdecVTzv8UDfDHZ6jL6WHslfIRJQqU5FnHdwBxuA5pY_I1WfXqItOr6Iy65drQDa5vamaeN4ntw3TYZLzzUZH65HhHep0bqHk8tarYG7D5jQ3Oa2VqIpeY_xSxNBhxAZvq7JycVnIBZy87a5RIYbHj5nanspo9Z1H2rvsyd_5xgC5zAcV4lQU2HiCBncx7RAwrV_h7a5uVNf5WQQgRORRfjfZZ0_n4eN_flQuCTKfRTi9bVgTW8-eF99QRa6Svk0ARhd2ZQGaygJ0OhODjW9nopPp07cajoBupQGEUnzdK4Prs8WcaA3gyUJW-b1Qegpo0WJme6pxUxJoD2bKgevrY1TaftE_tyZmAgDE4SngVTQIfWenxza0mjtp2h3aB5PszKre4KQFrS-6a7fOTcfI3GjglOX2jY16HPsAQMb5AybwueRw_sCBFfNkcUmQuB3A3tQXQSSQv3zzvmXHCqhjIlo85fvtcZ-wfatrIox7LEiwnEid8DhVsBSHxlTxroSeEP0TFUFPbWHVYMUFDgJ6Tmo_E3GH6ioUT30djV1LtgfBE6T84rVCeTUqovQxsg3UUm6z7YFAk3PuYQSpNjsxL_ry1QqdNjSht7RQABpiU1sk5dvQgcbTEf4sJsptNA2lxXZNBYqALJgvU7RYeXYgZYzGiF9tSRvF-JuL70sR_bxziT11oHs_-qC9pDs5R9o8yQ1clFYErKxQnzXuK6h-_h0dNXSMIGrT_3CYyey_1KU5CAiVjqwejdg5x9U_A_3Z70QQht0Z9yCYs8N_AGtazNGiqm2Z8hMaBzLdhEX2YYTRA00-LJkt8Q08X0X0LEuEuc7mZgLmWONoBWT5WptyS7Z739y9mHazI5VrwsihPbCp4nWNH6ZHC0DTKc8uBpsmIMdEmBHNn3PbfDZiCnrBFXmjIUIFrIorYUShz-85qCJDsLzACzv8-nMV3JhakdoXIPzyMUAUJNYBkb-6Ke7lY-0T798hvZQ5MUARLFaMUDghK_m2tDZY0nZZE9veP_4kJrsKqFph2kf_DS5C9xr3IsUt546fTVT3M4WzaDyDMw2nOL0LAhRUE0zjOvWpaIFxukvaLwLtmf4qZNlm-MYjfnLNa_3JMPpCqb6i9gCRREvzoKkT4vD68auzUE9MwfQpoULnAwPOFYF86UN6v2y0FwnbQ9sLLEbjLoAMBltjKqEYmwztVOlIbdDC7XuGxibKyUfbghoVHhX6W7_p8dZ10-CYHzkbjdCqTBciUzLfitSA1nxW06n4EUNJJ5ilLpqUuTHqi0vZt81hrWckLlU3Snz0YFqngJuABqIztNjNLUCx6V__5UA-c-02TGWNwdpQ-Q4sEvL1vJppNBTKB3TWNPBUS5Rb0d9XPhep2fB40keiql438LhRod7T2V_Y9E14XcRZgTB1IgAmSH8lPfXcEv6JxN69kCWTW9NmA_-3ZUpAaHtWgT5oCvFiBO2mnu4xJYSU_snk4hZNHu_Wt5Nkc54ysJw6f2t0HliLA&cid=CAQSOwB7FLtq9MVNT0b1ek6tWSMZ22xZk4-3VLLQo2jr2abX_RgbT9mGuZm4xtexYqM-OrYb4nxCfJh4nidSGAE&dv3_ver=m202402290101&rfl=https%3A%2F%2Fwww.bonus.ch&ds=l&xdt=1&iif=1&cor=2838096041274420000&adk=1761367584&idt=113&cac=0&dtd=37 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b4665fbd1c393f6a6340aa12fdfe61c9481dd3a6e9292a850feef98a621e89ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 11:33:43 GMT content-encoding br x-content-type-options nosniff age 2382 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11526 x-xss-protection 0 server cafe etag 10374153479694904093 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 01 Apr 2024 11:33:43 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 9489	41 KB 14 KB	16ms 16ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 14:46:52 GMT content-encoding br x-content-type-options nosniff age 422793 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 13 Mar 2025 14:46:52 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame EAB5	1 KB 643 B	19ms 17ms	Document text/html	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 2228 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 11:36:17 GMT etag 48472445140208031 expires Tue, 19 Mar 2024 11:36:17 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 9489	219 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 99c374d6c9585202497b3627c22d426cf955e3ee9362ab3fd862e8f5d89924fd Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Content-Type image/png
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame D79D	38 KB 13 KB	17ms 15ms	Document text/html	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 509792 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 12 Mar 2024 14:36:53 GMT expires Wed, 12 Mar 2025 14:36:53 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame EAB5 Redirect Chain https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEE_hQL011GSInsPIX5Zlrkg&google_cver=1&google_push=AXcoOmT5w5pm8urmbImlZR8wQ2QG2Rtp5fZXQZWAzaP2uq9-pqYPH86... https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=72cfaa2b98552431&is_secure=true&networkId=14000&version=1&google_gid=CAESEE_hQL011GSInsPIX5Zlrkg&google_cver=1&google_push=AXcoOmT5w5pm... https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACpSyAHhzGSwMi8j8nAAAAAAA&expiration=1710850406&google_cver=1&is_secure=true&google_gid=CAESEE_hQL011GSInsPIX5Zlr...	170 B 188 B	32ms 32ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACpSyAHhzGSwMi8j8nAAAAAAA&expiration=1710850406&google_cver=1&is_secure=true&google_gid=CAESEE_hQL011GSInsPIX5Zlrkg&google_push=AXcoOmT5w5pm8urmbImlZR8wQ2QG2Rtp5fZXQZWAzaP2uq9-pqYPH86N271w9Y5Ycp9b25PMTkqObCqpSW6LY_kV1lGUkXlGK_2DIOhlZe4Zn1-C0rFDrrcHsLqw33Em-mtMfln2ei3VLWBELuhhtVpzZd-brw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Server 142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT server nginx p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" location https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAACpSyAHhzGSwMi8j8nAAAAAAA&expiration=1710850406&google_cver=1&is_secure=true&google_gid=CAESEE_hQL011GSInsPIX5Zlrkg&google_push=AXcoOmT5w5pm8urmbImlZR8wQ2QG2Rtp5fZXQZWAzaP2uq9-pqYPH86N271w9Y5Ycp9b25PMTkqObCqpSW6LY_kV1lGUkXlGK_2DIOhlZe4Zn1-C0rFDrrcHsLqw33Em-mtMfln2ei3VLWBELuhhtVpzZd-brw cache-control no-cache, private, max-age=0, no-store content-length 0 expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame EAB5 Redirect Chain https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE... https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELA6CZmkUA9igut_xOfjD-w&google_push=AXcoOmRF4fhHP6IrgKm4163hpBBU7XBw3SAScz70EjutRQibxF7m3tVAwr...	170 B 188 B	30ms 30ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELA6CZmkUA9igut_xOfjD-w&google_push=AXcoOmRF4fhHP6IrgKm4163hpBBU7XBw3SAScz70EjutRQibxF7m3tVAwr4GkrsS25sKjLaIDCPZHiB-lHANWeU74w8chiGgpyYkbIgFfz4O_IRR_s3X_RGmdVIgfbyYQ2MsS00HJglgorIumSu8Qb6Dz6gXQA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Server 142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers x-served-by cache-lga21958-LGA pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT via 1.1 varnish server Jetty(9.4.35.v20201120) x-timer S1710764006.907680,VS0,VE7 x-cache MISS p3p CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM" access-control-allow-origin * location https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESELA6CZmkUA9igut_xOfjD-w&google_push=AXcoOmRF4fhHP6IrgKm4163hpBBU7XBw3SAScz70EjutRQibxF7m3tVAwr4GkrsS25sKjLaIDCPZHiB-lHANWeU74w8chiGgpyYkbIgFfz4O_IRR_s3X_RGmdVIgfbyYQ2MsS00HJglgorIumSu8Qb6Dz6gXQA cache-control no-cache accept-ranges bytes content-length 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame EAB5 Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEGUfyADNT_V2hz07-a0IAH0&google_cver=1&google_push=AXcoOmRkxJ_Vk8ZYQ3c-Y2bkcRlG9Um-kWRbaFjO5RuXjnDnvcGXItnbLl04sKInTMNeF1DuF2d9nGvMeebxoAqtHrPFkJNhideTPX... https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A83C288D5DE544439299D5A222051B8E&google_push=AXcoOmRkxJ_Vk8ZYQ3c-Y2bkcRlG9Um-kWRbaFjO5RuXjnDnvcGXItnbLl04sKInTMNeF1DuF2d9nGvMeebxoAq...	170 B 188 B	34ms 34ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A83C288D5DE544439299D5A222051B8E&google_push=AXcoOmRkxJ_Vk8ZYQ3c-Y2bkcRlG9Um-kWRbaFjO5RuXjnDnvcGXItnbLl04sKInTMNeF1DuF2d9nGvMeebxoAqtHrPFkJNhideTPXR35VWIfsnymv0qAFUevNtoDQU8VWxBQzKu4-swQkgi7Da3IF-QIVRvlg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Server 142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 18 Mar 2024 12:13:25 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=A83C288D5DE544439299D5A222051B8E&google_push=AXcoOmRkxJ_Vk8ZYQ3c-Y2bkcRlG9Um-kWRbaFjO5RuXjnDnvcGXItnbLl04sKInTMNeF1DuF2d9nGvMeebxoAqtHrPFkJNhideTPXR35VWIfsnymv0qAFUevNtoDQU8VWxBQzKu4-swQkgi7Da3IF-QIVRvlg access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Sun, 17 Mar 2024 12:13:25 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame EAB5 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN04EUzlXGvKDCV2pvNfgls&google_cver=1&google_push=AXcoOmTHVI2r_1ZI3nZ_S8xS3RcGeePsyixFwGJCl8c2MUaNdufi9HYNlGfF-PXIFzHYr7d2SBZDHlrGjMXRtvpz1Gyd20f... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTHVI2r_1ZI3nZ_S8xS3RcGeePsyixFwGJCl8c2MUaNdufi9HYNlGfF-PXIFzHYr7d2SBZDHlrGjMXRtvpz1Gyd20fEWedK56IrBIlmMCmvmh63jJoGUVtdrZCv3VgMu...	170 B 188 B	30ms 30ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTHVI2r_1ZI3nZ_S8xS3RcGeePsyixFwGJCl8c2MUaNdufi9HYNlGfF-PXIFzHYr7d2SBZDHlrGjMXRtvpz1Gyd20fEWedK56IrBIlmMCmvmh63jJoGUVtdrZCv3VgMulTEAx0TQwfD0zkWyPoFvyY_&google_hm=eS1oUGh1a294RTJwRTRlcEJ6TmxtU2J5Z3VKc1lzS2QxTH5B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Server 142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Mon, 18 Mar 2024 12:13:25 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTHVI2r_1ZI3nZ_S8xS3RcGeePsyixFwGJCl8c2MUaNdufi9HYNlGfF-PXIFzHYr7d2SBZDHlrGjMXRtvpz1Gyd20fEWedK56IrBIlmMCmvmh63jJoGUVtdrZCv3VgMulTEAx0TQwfD0zkWyPoFvyY_&google_hm=eS1oUGh1a294RTJwRTRlcEJ6TmxtU2J5Z3VKc1lzS2QxTH5B content-length 0
GET H2	200	usersync.aspx dis.criteo.com/dis/ Frame EAB5	43 B 363 B	45ms 13ms	Image image/gif	74.119.119.150 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmT41AeGguKBp6kUfDZQKmwSMG2ARtqdUZq3DjC6hUbsDq6VrCuOydEOmrHYue9KvAkhhtjOVpnUt0tyffa1a4r37NJmk6KvYsiqHwwDg6GU5ulHtNxblQHJZGcpPo_xqX1uccGYwrcOdp2pO6y7Ff0xXQ&google_gid=CAESEPoG_TFubNgchHW5_tg0lX8&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 198681 expires Mon, 18 Mar 2024 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame EAB5 Redirect Chain https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEK1RLav0vHMXIcXE3C3N_es&google_cver=1&google_push=AXcoOmSD6nhio08PBSZz-mnd-S1xqcPDIWGLYqWaUHAHoUJbBWpggz1jix4GjiyP7L... https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSD6nhio08PBSZz-mnd-S1xqcPDIWGLYqWaUHAHoUJbBWpggz1jix4GjiyP7LsUBKn3EB8MNhzZr34jmUUSW0Nq-svKcrDh3qXil8VWP5xIms...	170 B 188 B	30ms 30ms	Image image/png	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSD6nhio08PBSZz-mnd-S1xqcPDIWGLYqWaUHAHoUJbBWpggz1jix4GjiyP7LsUBKn3EB8MNhzZr34jmUUSW0Nq-svKcrDh3qXil8VWP5xImscUJ5xgABBg0v63iyUREsAGQWqYrgesJY7m-hCgJhURUbQ&google_hm=7khlx5JUTRmcqO2FBoD0YIY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Server 142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmSD6nhio08PBSZz-mnd-S1xqcPDIWGLYqWaUHAHoUJbBWpggz1jix4GjiyP7LsUBKn3EB8MNhzZr34jmUUSW0Nq-svKcrDh3qXil8VWP5xImscUJ5xgABBg0v63iyUREsAGQWqYrgesJY7m-hCgJhURUbQ&google_hm=7khlx5JUTRmcqO2FBoD0YIY content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	report sync.teads.tv/um/ Frame EAB5 Redirect Chain https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEMRl6ZqFtWjc... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NWE0ODBlOWQtZjMyYS00M2ZkLTg0NWYtOWViMTYwNWFmNDk4&google_push=AXcoOmRMqUg8qz3bLFnI9i2zfg84SsK6ouLRQSI9cEzFGJnnyYuwGcLPvVpSfBQ_lwuVp... https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 163 B	29ms 28ms	Image image/gif	23.55.205.47 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H2 Server 23.55.205.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-55-205-47.deploy.static.akamaitechnologies.com Software pekko-http/1.0.0 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Mon, 18 Mar 2024 12:13:26 GMT pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT cache-control max-age=0, no-cache, no-store server pekko-http/1.0.0 content-length 23 content-type image/gif Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame EAB5	0 12 B	26ms 26ms	Image text/html	142.251.167.154 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDMgrgmtKIxP-RTCYDl2YV78rmAa2seCs85uTPOY9v28kKSIakWEDcQlStv_Mn_TRe5AS8LEY Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.154 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f154.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:25 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/41634877391634802/ Frame 7B20	734 B 387 B	16ms 16ms	Document text/html	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 522b0d528e6797ee0a6aa95c127355f436fe5b72af7f93b657b2b2cec8d58d39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 351 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:25 GMT expires Tue, 18 Mar 2025 12:13:25 GMT last-modified Mon, 28 Aug 2023 15:03:35 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 9489	0 0	81ms 80ms	Fetch image/gif	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvJVWTB1cknTtPGbtPlKzqB1vOz0MNW2LoF3YzMKLrJGN3GTXJ4sGvV985mMlSZyaFQfo5ajLahcomLQ5pXNhqrNk7A57W4DLCvm-Eyk9IRKJrgkY4SQI6-2m5VTkT_Qgj_FLL6G_VJG4hn6EQM5NKDImsJKMnaWMhzQcpVPRKp5jDH_djghQQskQBQcWt1Xw2SJc0PIvelddpQy4iduPSecHJB5oMZSajF9-BLVfi2ZyrqKV9_aYxmICH0t4ytZv5-3TNQ-KCF-XDVHx0HCqB2jso4KRj4dLaHIIkZJS7rc-zfP2xjrump1m1USJZJCA8xbKpcUKgrRt5Xa0KBBVSHE0TftlNSGTWc4fZCAsG8XvOu1mDBUTDIUCy_GhayNCSqV0yxW1-r7sOUIfb2ToExzLA3uszk-E26qnCoYN0G-VPkOFVc6LdHyr29D2BRdDnaLAj8rpdnYbthiKXF_VoCTW09uWg5HHzc3Vl9AgmKKOm7dTcmQ_wG_SETUEu4P3MzoN-U8nO25ULDCCetI_KbplV2W6nHJEHjITtJSqLJbAKvuxiNIxSuz0Kppuor3oXjqSxuBEDPRZFouAlSzPuQqVBcZh_BfMAqttDB6dOqQtpWtF2Gpt6AbG4rAlHI3_nwA2KdUazWsnsUuT_yFx8DXbTJbOq6JJQ-Ck8GO-eaRKgzxdHH5IoCsnXf4XMv3xu4yPMkH0IXO0Mm_gn095I91N01liiWn17e2NyPxMYaFT0so8Cobx4XTcVs0YP0fsg-sf7WaAyrtCcq-Ae52WnNWpjlEZGQzixgXBK5e5moqGMw6QHgHm9oAJVEmYtTvEtk2zHOblLm_EN2HvNMansHrbpFekM3vXEpt2ud73Xkq5ZOw5QmILXDS_e0MOaFX1hmt-1F5ckyXpeALMjUF-RAbhfnSyaOqCjNgoUCRie6AbmsGP47xyhv5sfjgC7Bzw_lcKd6FnS53wojN2pDM9Up5ObY420bKq3bj73qX1sKHI7bK7AlcBIt4iYfuQTe0165zKNXTpx47wpkNwX-t3Av8i07tcufCa5B2LtgWhTeF3upz5Dnwn_qVhLQuTyt4GcYiwvtdoa_E8-j4T3ROw68qAFeWOvoTohHI79O4JAbglob_Npwgp6Hp4CsrdY0QHz5X7YdEet1e7uebxqFyE5KOQRi1Gh1o2Ce2RT75G7ZXpn7vMgcsv-XXzknEsrVlFDNdxzYa1W9H0sqwUVYjXMl-qm4nwj6wa-XtFGXLKNGf6H5DVABAHsuOjATJ7DcQfMDFb0VmMiUDfWygrpMvXDfBPoIyNtGVXQXk6-OeWI1DO6veEwfUayrfXFS3hfgPrb9tbeqZYJoetgU5zojMRExi7mzHFNugEJVLMjfdWR14UnHIy_oIhCaL0g0lFSSle4jrkvYuRhR_hOiP44LCVqafzhoO3Sv4E_ntwFCsxRWuojzgeERkI5RuF48Uz4bz_KwuZx2g&sai=AMfl-YRJnDKJ4msX8UmZQoSKIgNAIxOblUlSsCo0NkbIPknkl8Xf5wk3or46-sU6ACxvHpfq3CeA1uBnj5ssyUy0EbmarPFOLjI3ujSiiRvwYd4-oJHs0gDFz64MXAOBTEg9PiXLag0SLmKEu8Rulx6xf4wLYYWKGLMPWTm-sGl56_GViDISLZMXKxPE7Y0472JlyURThgAvuYSYH2r5b5P_PA7oHWQRWsGKc49Q-RlclfUpkd5FrCt6klrDHWBiGZ4-5lbF&sig=Cg0ArKJSzOvFpDUPmO62EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=103&cbvp=1&cstd=96&cisv=r20240313.35994&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Mon, 18 Mar 2024 12:13:25 GMT x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * cache-control private access-control-allow-credentials true timing-allow-origin * expires Mon, 18 Mar 2024 12:13:25 GMT
GET H2	200	4.js Show response static.adsafeprotected.com/ Frame 9489 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1608565/73384177/4.js?bundleId=${BUNDLE_ID}&bidurl=https://www.bonus.ch/&adContainerId=brand_safety_5S_4ZdX-KuDJnboP5K6lsAs&cbFunctionName=goog_wrapCb_5S_4ZdX-... https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5S_4ZdX-KuDJnboP5K6lsAs&cbFunctionName=goog_wrapCb_5S_4ZdX-KuDJnboP5K6lsAs&true_pb=	1 KB 1 KB	45ms 21ms	Script application/javascript	2600:9000:215f:a600:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5S_4ZdX-KuDJnboP5K6lsAs&cbFunctionName=goog_wrapCb_5S_4ZdX-KuDJnboP5K6lsAs&true_pb= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H2 Server 2600:9000:215f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5431bf3cd2099a41e143f4ccab7ee74d223ea22941dfd9061c5d241ed05afade Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 21:34:01 GMT x-amz-version-id KWeQ9vkggafvnQEzKCfVXFdLZSdwJ1OF content-encoding gzip via 1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-C2 age 311966 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status PENDING last-modified Thu, 14 Mar 2024 21:33:59 GMT server AmazonS3 etag W/"eb639ea9c60fa52fae8bd853911ab0a9" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id RHdFTXykdUmUK4cqU8GyrPWNx4JZjWhqoyRUSEEJmdUWbvL6tmb3XA== Redirect headers pragma no-cache date Mon, 18 Mar 2024 12:13:25 GMT server nginx x-server-name app25.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_5S_4ZdX-KuDJnboP5K6lsAs&cbFunctionName=goog_wrapCb_5S_4ZdX-KuDJnboP5K6lsAs&true_pb= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 872E	91 KB 23 KB	91ms 19ms	Script application/javascript	2600:9000:215f:a600:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:215f:a600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 04 Jan 2024 08:11:24 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-C2 age 6408122 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id c9uu1cE-cvDzpAqinlanrwxd5ukId269IDFSfXLozEVLeKFYSmKVlA==
GET H3	200	Enabler_01_250.js Show response s0.2mdn.net/879366/ Frame 7B20	120 KB 41 KB	17ms 16ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/Enabler_01_250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 22:11:48 GMT content-encoding gzip x-content-type-options nosniff age 50497 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42247 x-xss-protection 0 last-modified Tue, 14 Mar 2023 21:28:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 22:11:48 GMT
GET H3	200	banner.js Show response s0.2mdn.net/sadbundle/41634877391634802/js/ Frame 7B20	7 KB 2 KB	22ms 21ms	Script application/x-javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/41634877391634802/js/banner.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6822f59940c241e1ef1c7c3485bbe68112706a6c033cce1b59c3a8b7ed99cc0a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Thu, 13 Mar 2025 22:52:19 GMT date Wed, 13 Mar 2024 22:52:19 GMT content-encoding gzip x-content-type-options nosniff age 393666 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1948 x-xss-protection 0 last-modified Mon, 28 Aug 2023 15:03:35 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	banner.loader.js Show response s0.2mdn.net/sadbundle/41634877391634802/js/ Frame 7B20	2 KB 812 B	23ms 21ms	Script application/x-javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/41634877391634802/js/banner.loader.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c883e2bfc496aaceb8a6cd3244796f8d31fb6cc0101530f199fd0078b8d18f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Fri, 14 Mar 2025 01:02:48 GMT date Thu, 14 Mar 2024 01:02:48 GMT content-encoding gzip x-content-type-options nosniff age 385837 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 773 x-xss-protection 0 last-modified Mon, 28 Aug 2023 15:03:35 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	banner.data.js Show response s0.2mdn.net/sadbundle/41634877391634802/js/ Frame 7B20	13 KB 2 KB	21ms 21ms	Script application/x-javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/41634877391634802/js/banner.data.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 005555f7bfd2b52b1abc18d2df41fb179c4c9e99d146aa94d3b83b850eb9d220 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Thu, 13 Mar 2025 22:52:19 GMT date Wed, 13 Mar 2024 22:52:19 GMT content-encoding gzip x-content-type-options nosniff age 393666 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2497 x-xss-protection 0 last-modified Mon, 28 Aug 2023 15:03:35 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	style.css s0.2mdn.net/sadbundle/41634877391634802/styles/ Frame 7B20	1 KB 586 B	20ms 20ms	Stylesheet text/css	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/41634877391634802/styles/style.css Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dd14ae09aa66c86ba340d7b39b9688094ce37af943ad8e7092d51ba62645e091 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers expires Fri, 14 Mar 2025 14:37:56 GMT date Thu, 14 Mar 2024 14:37:56 GMT content-encoding gzip x-content-type-options nosniff age 336929 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 547 x-xss-protection 0 last-modified Mon, 28 Aug 2023 15:03:35 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H2	200	dt dt.adsafeprotected.com/ Frame 9489	43 B 216 B	256ms 83ms	Image image/gif	2600:1f13:800:7780:7f42:b2c1:ce1d:2019 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1608565&asId=4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d&tv=%7Bc:7gM3UB,pingTime:-3,time:92,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:92,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7nhqkZ+11%7C12%7C13%7C14%7C151*.1608565-73384177%7C1511%7C1512%7C1513%7C1514%7C16%7C1711%7C172%7C181%7C1821,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:34%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:7f42:b2c1:ce1d:2019 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT server nginx x-server-name dt16.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 9489	43 B 215 B	241ms 84ms	Image image/gif	2600:1f13:800:7780:7f42:b2c1:ce1d:2019 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1608565&asId=4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d&tv=%7Bc:7gM3UP,pingTime:-6,time:106,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B96~0%5D,as:%5B96~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7nhqkZ+11%7C12%7C13%7C14%7C151*.1608565-73384177%7C1511%7C1512%7C1513%7C1514%7C16%7C1711%7C172%7C181%7C1821,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:34%7D&tpiLookup=ao:www.bonus.ch*%2Cwww.bonus.ch*&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:7f42:b2c1:ce1d:2019 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT server nginx x-server-name dt21.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 9489	43 B 215 B	231ms 85ms	Image image/gif	2600:1f13:800:7780:7f42:b2c1:ce1d:2019 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1608565&asId=4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d&tv=%7Bc:7gM3V2,pingTime:-2,time:119,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:841,mdZ:955,beA:962,beZ:964,mfA:967,cmA:969,inA:969,inZ:974,prA:975,prZ:987,si:995,poA:997,poZ:1028,cmZ:1028,mfZ:1028,loA:1068,loZ:1071,ltA:1081,ltZ:1081%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:119,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B110~0%5D,as:%5B110~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7nhqkZ+11%7C12%7C13%7C14%7C151*.1608565-73384177%7C1511%7C1512%7C1513%7C1514%7C16%7C1711%7C172%7C181%7C1821,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:DIV,siq:34,sinceFw:84,readyFired:true%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:7f42:b2c1:ce1d:2019 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT server nginx x-server-name dt22.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Show response pagead2.googlesyndication.com/bg/ Frame D79D	52 KB 20 KB	15ms 14ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/d36uSxnIL8ldx8TFx91fzHwYiWmBZ4lpuKiJzeb80YQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 777eae4b19c82fc95dc7c4c5c7dd5fcc7c18896981678969b8a889cde6fcd184 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Fri, 15 Mar 2024 11:49:40 GMT content-encoding br x-content-type-options nosniff age 260626 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20181 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 15 Mar 2025 11:49:40 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 9489	0 0	76ms 75ms	Fetch image/gif	172.253.122.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvJVWTB1cknTtPGbtPlKzqB1vOz0MNW2LoF3YzMKLrJGN3GTXJ4sGvV985mMlSZyaFQfo5ajLahcomLQ5pXNhqrNk7A57W4DLCvm-Eyk9IRKJrgkY4SQI6-2m5VTkT_Qgj_FLL6G_VJG4hn6EQM5NKDImsJKMnaWMhzQcpVPRKp5jDH_djghQQskQBQcWt1Xw2SJc0PIvelddpQy4iduPSecHJB5oMZSajF9-BLVfi2ZyrqKV9_aYxmICH0t4ytZv5-3TNQ-KCF-XDVHx0HCqB2jso4KRj4dLaHIIkZJS7rc-zfP2xjrump1m1USJZJCA8xbKpcUKgrRt5Xa0KBBVSHE0TftlNSGTWc4fZCAsG8XvOu1mDBUTDIUCy_GhayNCSqV0yxW1-r7sOUIfb2ToExzLA3uszk-E26qnCoYN0G-VPkOFVc6LdHyr29D2BRdDnaLAj8rpdnYbthiKXF_VoCTW09uWg5HHzc3Vl9AgmKKOm7dTcmQ_wG_SETUEu4P3MzoN-U8nO25ULDCCetI_KbplV2W6nHJEHjITtJSqLJbAKvuxiNIxSuz0Kppuor3oXjqSxuBEDPRZFouAlSzPuQqVBcZh_BfMAqttDB6dOqQtpWtF2Gpt6AbG4rAlHI3_nwA2KdUazWsnsUuT_yFx8DXbTJbOq6JJQ-Ck8GO-eaRKgzxdHH5IoCsnXf4XMv3xu4yPMkH0IXO0Mm_gn095I91N01liiWn17e2NyPxMYaFT0so8Cobx4XTcVs0YP0fsg-sf7WaAyrtCcq-Ae52WnNWpjlEZGQzixgXBK5e5moqGMw6QHgHm9oAJVEmYtTvEtk2zHOblLm_EN2HvNMansHrbpFekM3vXEpt2ud73Xkq5ZOw5QmILXDS_e0MOaFX1hmt-1F5ckyXpeALMjUF-RAbhfnSyaOqCjNgoUCRie6AbmsGP47xyhv5sfjgC7Bzw_lcKd6FnS53wojN2pDM9Up5ObY420bKq3bj73qX1sKHI7bK7AlcBIt4iYfuQTe0165zKNXTpx47wpkNwX-t3Av8i07tcufCa5B2LtgWhTeF3upz5Dnwn_qVhLQuTyt4GcYiwvtdoa_E8-j4T3ROw68qAFeWOvoTohHI79O4JAbglob_Npwgp6Hp4CsrdY0QHz5X7YdEet1e7uebxqFyE5KOQRi1Gh1o2Ce2RT75G7ZXpn7vMgcsv-XXzknEsrVlFDNdxzYa1W9H0sqwUVYjXMl-qm4nwj6wa-XtFGXLKNGf6H5DVABAHsuOjATJ7DcQfMDFb0VmMiUDfWygrpMvXDfBPoIyNtGVXQXk6-OeWI1DO6veEwfUayrfXFS3hfgPrb9tbeqZYJoetgU5zojMRExi7mzHFNugEJVLMjfdWR14UnHIy_oIhCaL0g0lFSSle4jrkvYuRhR_hOiP44LCVqafzhoO3Sv4E_ntwFCsxRWuojzgeERkI5RuF48Uz4bz_KwuZx2g&sai=AMfl-YRJnDKJ4msX8UmZQoSKIgNAIxOblUlSsCo0NkbIPknkl8Xf5wk3or46-sU6ACxvHpfq3CeA1uBnj5ssyUy0EbmarPFOLjI3ujSiiRvwYd4-oJHs0gDFz64MXAOBTEg9PiXLag0SLmKEu8Rulx6xf4wLYYWKGLMPWTm-sGl56_GViDISLZMXKxPE7Y0472JlyURThgAvuYSYH2r5b5P_PA7oHWQRWsGKc49Q-RlclfUpkd5FrCt6klrDHWBiGZ4-5lbF&sig=Cg0ArKJSzOvFpDUPmO62EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=248&vt=11&dtpt=145&dett=3&cstd=96&cisv=r20240313.35994&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: www.bonus.ch URL: https://www.bonus.ch/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.122.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 18 Mar 2024 12:13:26 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame BCC2	42 B 64 B	73ms 72ms	Fetch image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-ndu2HCuZXXivmOKuQXB5Xl8cdaZ5AcTu6uJH0sjqoa-pbW8YwGcUT_bdpYVIbCsJacnJS5uqrjhzs7TGEckcQBrSHgf_wrPiKIGLAZ_NcqcvM-jfjMSFejbpMijAu1TfppSQNR3u2xXqbhL0qz3ubMi-Edic1oY2UzECxezV2BN77t180vAkci8mmI4qIiaVoXJn4GrCkYwELfOQ9CWndjqPPyEHlVnR10M&sig=Cg0ArKJSzHAviABsDbZAEAE&id=lidar2&mcvt=1010&p=207,1285,807,1585&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20240313&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=563098138&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=669680400&rst=1710764003813&rpt=1281&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 7B20	7 KB 6 KB	77ms 76ms	XHR application/json	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9fff6762c8e3b73aa3c331d193f13b0b14f92c613163c9927afd6d89237c6f87 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5749 x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame 9489	43 B 215 B	85ms 83ms	Image image/gif	2600:1f13:800:7780:7f42:b2c1:ce1d:2019 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1608565&asId=4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d&tv=%7Bc:7gM3Xq,time:267,type:e,im:%7Bimprf:%7Bttecl:318,ecd:124,tsecr:39%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:267,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B257~0%5D,as:%5B257~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u7nhqkZ+11%7C12%7C13%7C14%7C151*.1608565-73384177%7C1511%7C1512%7C1513%7C1514%7C16%7C1711%7C172%7C181%7C1821,idMap:151*,rmeas:1,rend:0,renddet:DIV,siq:34,sis:198%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5536509703773744&output=html&h=250&slotname=1301303001&adk=1630190559&adf=3173046728&pi=t.ma~as.1301303001&w=300&lmt=1710764004&format=300x250&url=https%3A%2F%2Fwww.bonus.ch%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1710764004326&bpp=4&bdt=640&idt=584&shv=r20240313&mjsv=m202403130201&ptt=9&saldr=aa&cookie=ID%3D29707d2b33e3c8ea%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MZgj9dO47aixjUR90NBKdGgaDGQAg&gpic=UID%3D00000dd371b7afdd%3AT%3D1710764002%3ART%3D1710764002%3AS%3DALNI_MYOkeEhEjd-UVxIxxV0_vr7v2ec1w&eo_id_str=ID%3D70df5bff00e9cec7%3AT%3D1710764002%3ART%3D1710764002%3AS%3DAA-AfjZJf50v7LdPEULsF7YzPoX-&correlator=7281490432736&frm=23&ife=4&pv=2&ga_vid=1723967549.1710764002&ga_sid=1710764005&ga_hid=445081681&ga_fc=1&nhd=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=908&ady=1038&biw=1600&bih=1200&isw=300&ish=250&ifk=3069768381&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081903%2C44795921%2C95325974%2C95327951%2C95327955%2C95325785&oid=2&pvsid=2390733360894535&tmod=262377642&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.6vc65kpy1utg&fsb=1&dtd=603 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:7f42:b2c1:ce1d:2019 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT server nginx x-server-name dt23.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 7B20	17 KB 6 KB	24ms 24ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Mar 2024 12:13:26 GMT
GET H3	200	J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response pagead2.googlesyndication.com/bg/ Frame BF8E	40 KB 15 KB	15ms 15ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 02:45:35 GMT content-encoding br x-content-type-options nosniff age 34071 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15583 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 02:45:35 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 07DE	0 0	73ms 72ms	Fetch image/gif	2607:f8b0:4004:c1d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxdwRs4pagFPg8izMh6baY51s1Tc6q5iUmZsSskI2Io8d8S0YLti6gA1tLELVsFUkcAcoS4KqQM8vaK9KeF0BW3toJx2PLWqA9MzLqkkC79uK7wg2_cDgEZPmvh_6bJQfhaTy0fGSn2NKVc1tffLIcFoADhCisr8MUoBA-d0KA7_i2TqUDYfutCTDlok_k6gXQaHHmmDEb--UIjILJW3O-nyHXDUoJp5V5XqX6NdXepW3z0AQ-qvaoyT7Uj-A7WouviY9CUnPq72rwZwdayFZXaeFxmE_g0gx_NnncDw1ER_0WYyO-H_X6NpHqmloVraVZlNlyqOYas1Y15xjzggeUBzF_laHtFY1R-Q43woVtR-nf9w&sai=AMfl-YQ4oXGxlxNo3kXiLsa30Z5IFBkCFX5ZBESMHMqwn-sUoFfS_p1dVDNm1YgJmg7CNg2qhGDNgT97Rqf9vmHsPpwwyDMD7cjiTmukMFkkkm7s2fdjk2ddZtJC5eoHjQ&sig=Cg0ArKJSzH0PkY6e0Uz7EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 18 Mar 2024 12:13:26 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame 07DE	16 KB 12 KB	78ms 78ms	XHR application/json	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240313&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6040d214bffb401f4f4c12b84d8394754569d9f6780e3526a7d0cb3db1c28588 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12319 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	104ms 103ms	XHR application/json	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403140101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 546a986d14d1d74156fed5dcbae5c1361b57610813e01caa085bb77468299f99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12414 x-xss-protection 0
GET H3	200	FranklinGothicBookRegular.css s0.2mdn.net/creatives/assets/4956827/ Frame 7B20	307 B 212 B	18ms 17ms	Stylesheet text/css	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4956827/FranklinGothicBookRegular.css?v=1 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/41634877391634802/js/banner.loader.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b31c34d0d7d5ba8a8afe478539b3ed060f5dbeda191eb9a1bf4c64913a50c8c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:06:56 GMT content-encoding gzip x-content-type-options nosniff age 390 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 177 x-xss-protection 0 last-modified Tue, 22 Aug 2023 11:56:01 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:21:56 GMT
GET H3	200	gsap_3.2.4_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 7B20	57 KB 23 KB	26ms 25ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT content-encoding gzip x-content-type-options nosniff age 0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23276 x-xss-protection 0 last-modified Thu, 05 Mar 2020 03:53:22 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:13:26 GMT
GET H3	200	webfont.js Show response s0.2mdn.net/creatives/assets/2474893/ Frame 7B20	13 KB 5 KB	24ms 24ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/2474893/webfont.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:00:15 GMT content-encoding gzip x-content-type-options nosniff age 791 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5415 x-xss-protection 0 last-modified Wed, 06 Dec 2017 11:59:34 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:15:15 GMT
GET H3	200	SplitText.min.js Show response s0.2mdn.net/creatives/assets/3482638/ Frame 7B20	9 KB 4 KB	23ms 22ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3482638/SplitText.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ec74627c43375cc7ae6467e88e8a3931c796c924f253451104d5b3f03d0c94e4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:03:02 GMT content-encoding gzip x-content-type-options nosniff age 624 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3728 x-xss-protection 0 last-modified Tue, 24 Sep 2019 09:47:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:18:02 GMT
GET H3	200	CustomEase.min.js Show response s0.2mdn.net/creatives/assets/4072427/ Frame 7B20	7 KB 4 KB	19ms 19ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4072427/CustomEase.min.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e57ebefa61aa5c731bccb9e87090a69d233ab47e42670bb44c459348dbd9ce0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:06:57 GMT content-encoding gzip x-content-type-options nosniff age 389 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3630 x-xss-protection 0 last-modified Wed, 17 Mar 2021 18:42:33 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:21:57 GMT
GET H3	200	japan-airlines-amr-jdisplay-default-animation.js Show response s0.2mdn.net/creatives/assets/4956827/ Frame 7B20	14 KB 3 KB	25ms 24ms	Script text/javascript	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/4956827/japan-airlines-amr-jdisplay-default-animation.js?=v1?v=2 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/Enabler_01_250.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 451aa416868cee5b1bf8c3fe2046259b4a477c5628b12d937624e491dbc9fd6c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:06:56 GMT content-encoding gzip x-content-type-options nosniff age 390 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3427 x-xss-protection 0 last-modified Thu, 24 Aug 2023 13:06:14 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:21:56 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame D79D	0 21 B	91ms 90ms	Image image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5ewG5S_4ZdX-KuDJnboP5K6lsAsAAAAAOAHgBAI&bg=!hYalhsnNAAb_2pXa39o7ADQBe5WfOJySDWNvXssmy_i87rky_BZLPQCzr8x1dXqcB2RrtUcWLCxKYu-2mUZSAdaRrX7gAgAAAJ1SAAAABGgBBwoAgKUI04Zl8nXSavY1VMfJBeGn2KjlsCd74VI4i2gy40InQf5gQbB8E_tVY833Cp29YGXicGSy-L1_sTB_r6Wdq82auhKwrJZLVhNvj4B3gdg1w9dWNvzphcg9V76csVx2C7weByWUn_F88slLBVSKYg9LLTegaC6wxqKxnCtMAHZgmQL_5ixHLgasraHsnwriMFPOJS8xaBtfDajPuChT6RsHJJgUAseihW4KOkQWaq2inVBwDcsU5o1dN6Mb9Zr5Y4wAsjdt6aUH6T1HY1ctVA7Py0rHBlJFI_cOf1tGxRE9LhisMabx5XGpByAEGu_RDMnQGF6Wkzy0Ao0kExEHmsqj61xTWYbJ61jlT4ce7F2WueZMJpZHjITC4mr3aoHMo7qrrtRWVUMLHjZcaYdU4oq3gKKxi_K4vHjPqGAZ6ZudEnqdLP1r1Atx32CZHe29ASI99tM_5XYjZcQ-OLAYfBXXA8P2YGuhXaDFt0s5s0Cn0pw1DIwKVnxh2Wvwghm5qRHwy1B1NB5uPWaQXGF8V-3TL-xaamGn7v_XV-tgerV987VKaRh8StFpAPnMWGIzzlaPI209Ob1g5P2VT3FbrW-EMaGjjlCorgqEciGLynSzPc7QCkJInWKlTcCx_F2zMTxYyFydBWBBSOcTZ92ysUQ-9jS3lGKrLtsmY5POo-HFdNsCDYBkCMN9efMksJ1-GjdrSTSyM89YpVALpDiqmG-FcboY12PlpwwuYEhnIwunpNBQn3jr9bv19uAiCMCOKNM7ra96AeQiKCueqsXvmntmaUn0vuLFejYV2_P5OMk7hWOJE1Y4f3yjaX5v0smHrDq2w0dzwUCVBaQqlB-Ywf06jqFOhs_f22vbrHQ5opQ0MJkS0HiJD2wIzEbo9eKH1tbkX91VFiklZ3syhT7YeF8mJ93AmsbK-nmltG4C0gZvDoVO6CJaaoj6E6yPcTLYMZM-RUV0oucZWJ9bv-mLkSu9d8FdDhKEsG_YArU1OTgwj9407uMyJdFup5iTDXYn_-9que2F2_PXJKyxcFvqvrq2Q_OsrPV4lMV_OxLyDJy43z8KBCDb4K99PVg9MhaS4q5zTjs7r6Sa6qWqYq-rxsvvjulp-9Yfm3Qys-cKc64MIUdF6UvlaNOOTCoCNdFALn4jNST9NiXRul9yeScOfbqXwkbI-tMVSF9KWqCP6DM5vXA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	_blank.png_1692704482029__blank.png s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/dev-liveads-core/assets/ Frame 7B20	91 B 123 B	27ms 26ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/dev-liveads-core/assets/_blank.png_1692704482029__blank.png Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 45ce129878be0393d96908fd5428d942be80691c39ae7b3a6a3a53ee42b371ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 13:42:17 GMT x-content-type-options nosniff age 340269 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91 x-xss-protection 0 last-modified Tue, 22 Aug 2023 11:41:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 14 Mar 2025 13:42:17 GMT
GET H3	200	jp-prem-eco-bg1-300x250.jpg-v=3_1692704482029_jp-prem-eco-bg1-300x250.jpg s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	23 KB 23 KB	26ms 24ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-prem-eco-bg1-300x250.jpg-v=3_1692704482029_jp-prem-eco-bg1-300x250.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3832c91711a7a4784bbcb46553d56a3b6bc1ec004e65a17adc653b11e69389b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 22:46:44 GMT x-content-type-options nosniff age 394002 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23184 x-xss-protection 0 last-modified Tue, 22 Aug 2023 11:41:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 22:46:44 GMT
GET H3	200	jp-prem-eco-bg2-300x250-v2.jpg-v=3_1692881239786_jp-prem-eco-bg2-300x250-v2.jpg s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	427 KB 427 KB	29ms 28ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-prem-eco-bg2-300x250-v2.jpg-v=3_1692881239786_jp-prem-eco-bg2-300x250-v2.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 93f13abe2d291a36f139c8897a87c9d66f958be026497e71f6f3a3250268c49a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 22:44:37 GMT x-content-type-options nosniff age 394129 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 436792 x-xss-protection 0 last-modified Thu, 24 Aug 2023 12:47:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 22:44:37 GMT
GET H3	200	jp-prem-eco-bg3-300x250.jpg-v=2_1692704482029_jp-prem-eco-bg3-300x250.jpg s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	110 KB 110 KB	36ms 35ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-prem-eco-bg3-300x250.jpg-v=2_1692704482029_jp-prem-eco-bg3-300x250.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb7b5d18bfb7e9576187cc11b5711c2392cf6e11bf1c3307e24f3b6b9a4e0f84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 22:56:01 GMT x-content-type-options nosniff age 393445 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112566 x-xss-protection 0 last-modified Tue, 22 Aug 2023 11:41:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 22:56:01 GMT
GET H3	200	jp-air-logo-fade-300x250.png_1695394068773_jp-air-logo-fade-300x250.png s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	18 KB 18 KB	38ms 37ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-air-logo-fade-300x250.png_1695394068773_jp-air-logo-fade-300x250.png Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b4008454cc62299e20f1e57f3035c2af0e2b9a531df3222ba84dec048f1aa443 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 22:18:30 GMT x-content-type-options nosniff age 395696 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18449 x-xss-protection 0 last-modified Fri, 22 Sep 2023 14:47:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 22:18:30 GMT
GET H3	200	jp-air-logo-300x250.png_1695394068773_jp-air-logo-300x250.png s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	7 KB 7 KB	42ms 40ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-air-logo-300x250.png_1695394068773_jp-air-logo-300x250.png Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c70e7288ae296ebc2a76a1628730fc15613b6203ab2cdf7fda58bad1de285296 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 19:21:40 GMT x-content-type-options nosniff age 60706 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7552 x-xss-protection 0 last-modified Fri, 22 Sep 2023 14:47:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 17 Mar 2025 19:21:40 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame 07DE	17 KB 6 KB	34ms 31ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403130201/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Mar 2024 12:13:26 GMT
GET H3	200	FranklinGothicBookRegular.woff s0.2mdn.net/creatives/assets/3898750/ Frame 7B20	74 KB 74 KB	26ms 19ms	Font font/woff	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/creatives/assets/3898750/FranklinGothicBookRegular.woff Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/creatives/assets/4956827/FranklinGothicBookRegular.css?v=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash be5398a784cc87a01eafb2646c90074295d83819ec1c77943bae534a6ed52439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s0.2mdn.net/creatives/assets/4956827/FranklinGothicBookRegular.css?v=1 Origin https://s0.2mdn.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:01:46 GMT x-content-type-options nosniff age 700 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 75676 x-xss-protection 0 last-modified Tue, 08 Aug 2023 08:20:42 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type font/woff access-control-allow-origin * cache-control public, max-age=900 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 18 Mar 2024 12:16:46 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	24ms 23ms	Script text/javascript	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403140101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 18 Mar 2024 12:13:26 GMT
GET H3	200	_blank.png_1692704482029__blank.png s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/dev-liveads-core/assets/ Frame 7B20	91 B 123 B	21ms 20ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/dev-liveads-core/assets/_blank.png_1692704482029__blank.png Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 45ce129878be0393d96908fd5428d942be80691c39ae7b3a6a3a53ee42b371ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Thu, 14 Mar 2024 13:42:17 GMT x-content-type-options nosniff age 340269 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91 x-xss-protection 0 last-modified Tue, 22 Aug 2023 11:41:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 14 Mar 2025 13:42:17 GMT
GET H3	200	jp-prem-eco-bg1-300x250.jpg-v=3_1692704482029_jp-prem-eco-bg1-300x250.jpg s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	23 KB 23 KB	15ms 14ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-prem-eco-bg1-300x250.jpg-v=3_1692704482029_jp-prem-eco-bg1-300x250.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3832c91711a7a4784bbcb46553d56a3b6bc1ec004e65a17adc653b11e69389b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 22:46:44 GMT x-content-type-options nosniff age 394002 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23184 x-xss-protection 0 last-modified Tue, 22 Aug 2023 11:41:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 22:46:44 GMT
GET H3	200	jp-prem-eco-bg2-300x250-v2.jpg-v=3_1692881239786_jp-prem-eco-bg2-300x250-v2.jpg s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	427 KB 427 KB	15ms 14ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-prem-eco-bg2-300x250-v2.jpg-v=3_1692881239786_jp-prem-eco-bg2-300x250-v2.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 93f13abe2d291a36f139c8897a87c9d66f958be026497e71f6f3a3250268c49a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 22:44:37 GMT x-content-type-options nosniff age 394129 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 436792 x-xss-protection 0 last-modified Thu, 24 Aug 2023 12:47:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 22:44:37 GMT
GET H3	200	jp-prem-eco-bg3-300x250.jpg-v=2_1692704482029_jp-prem-eco-bg3-300x250.jpg s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	110 KB 110 KB	25ms 25ms	Image image/jpeg	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-prem-eco-bg3-300x250.jpg-v=2_1692704482029_jp-prem-eco-bg3-300x250.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb7b5d18bfb7e9576187cc11b5711c2392cf6e11bf1c3307e24f3b6b9a4e0f84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 22:56:01 GMT x-content-type-options nosniff age 393445 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112566 x-xss-protection 0 last-modified Tue, 22 Aug 2023 11:41:26 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 22:56:01 GMT
GET H3	200	jp-air-logo-fade-300x250.png_1695394068773_jp-air-logo-fade-300x250.png s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	18 KB 18 KB	119ms 118ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-air-logo-fade-300x250.png_1695394068773_jp-air-logo-fade-300x250.png Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b4008454cc62299e20f1e57f3035c2af0e2b9a531df3222ba84dec048f1aa443 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Wed, 13 Mar 2024 22:18:30 GMT x-content-type-options nosniff age 395696 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18449 x-xss-protection 0 last-modified Fri, 22 Sep 2023 14:47:53 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 13 Mar 2025 22:18:30 GMT
GET H3	200	jp-air-logo-300x250.png_1695394068773_jp-air-logo-300x250.png s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/ Frame 7B20	7 KB 7 KB	118ms 118ms	Image image/png	2607:f8b0:4004:c07::95 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dynamic/2/11109535/banners.jellyfishhosting.net/cdp/demos/japan-airlines-dco-august-2023-jdisplay/assets/jp-air-logo-300x250.png_1695394068773_jp-air-logo-300x250.png Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c07::95 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c70e7288ae296ebc2a76a1628730fc15613b6203ab2cdf7fda58bad1de285296 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/41634877391634802/index.html?e=69&leftOffset=0&topOffset=0&c=wd31aPiqo4&t=1&renderingType=2&ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Sun, 17 Mar 2024 19:21:40 GMT x-content-type-options nosniff age 60706 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7552 x-xss-protection 0 last-modified Fri, 22 Sep 2023 14:47:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-programmable" report-to {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 17 Mar 2025 19:21:40 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 9489	43 B 215 B	90ms 90ms	Image image/gif	2600:1f13:800:7780:7f42:b2c1:ce1d:2019 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1608565&asId=4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d&tv=%7Bc:7gM44p,pingTime:-10,time:700,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjIuMC42MjYxLjEyOCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1710764006592%7C%7C4c09b8073aeb72e7ded1f04b1e085195%7C%7Cc2f0dae1be250666004502f5b1159da0%7C%7Cb2f8793ecd818c34da6afe94ba1c5165%7C%7C862671b98d7bedc17af9b88aac1d6213%7C%7C0a1027b7bc594d1a9c70e0e3a84c3c30%7C%7Cc0c78fdde10475e0d46ce5b2b1bb0bf4%7C%7C793771501a8975ca1e0bc481c5890cb2%7C%7C1663701684%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:7f42:b2c1:ce1d:2019 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT server nginx x-server-name dt01.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame AF14	13 KB 5 KB	16ms 15ms	Document text/html	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 237118 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 15 Mar 2024 18:21:28 GMT expires Sat, 15 Mar 2025 18:21:28 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 8E3A	829 B 559 B	45ms 45ms	Document text/html	2607:f8b0:4004:c06::63 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f3ed9ca2e001ab0d38377d9ddefd8a0d8b130bb2448678bdbce9f9c4e3bc6cb2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-4EeoyGQbkE2TL4ggXy_WIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-4EeoyGQbkE2TL4ggXy_WIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:26 GMT expires Mon, 18 Mar 2024 12:13:26 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CBF	13 KB 5 KB	18ms 17ms	Document text/html	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 237118 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 15 Mar 2024 18:21:28 GMT expires Sat, 15 Mar 2025 18:21:28 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame 540E	829 B 560 B	33ms 32ms	Document text/html	2607:f8b0:4004:c06::63 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c06::63 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 806dfc10ce97ea8de3b3846ffc9c3bd7be80387d467b491c314dc1c69486e799 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-j9ZyKFjbuxY0dOWU8oyxDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.bonus.ch/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-j9ZyKFjbuxY0dOWU8oyxDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 18 Mar 2024 12:13:26 GMT expires Mon, 18 Mar 2024 12:13:26 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 8E3A	0 0	71ms 70ms	Image text/html	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240313&jk=2390733360894535&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response pagead2.googlesyndication.com/bg/ Frame AF14	40 KB 15 KB	15ms 14ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 02:45:35 GMT content-encoding br x-content-type-options nosniff age 34071 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15583 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 02:45:35 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 9489	42 B 64 B	78ms 77ms	Fetch image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudSy3ZgShSedBNHrGUVcVtaFPDyVt6hqNlKdI3LoJbrGXFRjjIp0W_KmTOTMw_B2kc3HV4nLKy0QKlUHDqQbll-M_8M4qR93K5ZQhGIMmXGS6wWgmN9JXoaLD_AEDNka5JOOxPRyCG8S2w24NRSbfxyRsqjEHSXCY&sai=AMfl-YTxBSiwaJ8IpwEQLJ8HoFfT3kj9Cc3N9xKQqocHsDLHIvdwgLQxWNVFj2O1WwkLJ1jsF24hYwLqAa8E0ZmRDHbCdBTA-yggb7nYCvcSVbuYTMN6ZAKH9qe_jZ8&sig=Cg0ArKJSzO1pFUeVBflZEAE&cid=CAQSOwB7FLtq9MVNT0b1ek6tWSMZ22xZk4-3VLLQo2jr2abX_RgbT9mGuZm4xtexYqM-OrYb4nxCfJh4nidSGAE&id=lidar2&mcvt=1004&p=0,0,250,300&mtos=0,0,1004,1004,1004&tos=0,0,1004,0,0&v=20240313&bin=7&avms=nio&bs=0,0&mc=0.65&if=1&vu=1&app=0&itpl=20&adk=1630190559&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=669680500&rst=1710764004932&rpt=888&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:26 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 540E	0 0	70ms 70ms	Image text/html	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403140101&jk=2171237421639881&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	200	J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Show response pagead2.googlesyndication.com/bg/ Frame 3CBF	40 KB 15 KB	15ms 15ms	Script text/javascript	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/J7jMHEcdr0lVSatsUU1en4le0CiJfA3--2xrJ7e0v4U.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 27b8cc1c471daf495549ab6c514d5e9f895ed028897c0dfefb6c6b27b7b4bf85 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 02:45:35 GMT content-encoding br x-content-type-options nosniff age 34071 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15583 x-xss-protection 0 last-modified Mon, 11 Mar 2024 13:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 18 Mar 2025 02:45:35 GMT
GET H2	204	unip Show response trc-events.taboola.com/1104625/log/3/	0 244 B	12ms 7ms	XHR text/plain	141.226.224.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1104625/log/3/unip?en=pre_d_eng_tb&tos=4958&scd=0&ssd=1&est=1710764002226&ver=36&isls=true&src=i&invt=3000&msa=4620&rv=1&tim=1710764007184&vi=1710764002213&ri=d8ca30e780fbd29e26201844447d4ffe&ref=null&cv=20240317-34-RELEASE&item-url=https%3A%2F%2Fwww.bonus.ch%2F Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1104625/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin https://www.bonus.ch pragma no-cache date Mon, 18 Mar 2024 12:13:27 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9489	0 22 B	72ms 71ms	Ping image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3316502855756&version=m202402290101&ct=76&x=1&cor=2838096041274420000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:27 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 9489	43 B 215 B	89ms 89ms	Image image/gif	2600:1f13:800:7780:7f42:b2c1:ce1d:2019 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1608565&asId=4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d&tv=%7Bc:7gM4gY,time:1479,type:e,im:%7Bpci:%7Btdr:1158%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1184,n:0,pp:295,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1174~0,0~50%5D,as:%5B1174~300.250%5D%7D%7D,%7Bsl:pp,t:1184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B295~50%5D,as:%5B295~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:136,fm:u7nhqkZ+11%7C12%7C13%7C14%7C151*.1608565-73384177%7C1511%7C1512%7C1513%7C1514%7C16%7C1711%7C172%7C181%7C1821,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:34,sis:198%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:7f42:b2c1:ce1d:2019 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:27 GMT server nginx x-server-name dt20.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 07DE	42 B 64 B	75ms 74ms	Fetch image/gif	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8ktbt0fF1FA7-_4yx5zLA_JdrVsql0UiBsq_afQqLe_67Kf-o6xoLyDd_WDqRt5NhlBIndcOZ13sbj2XfiJGvg6ulLrXdY6ndUFY1HlXfoSuGTMThaa27hZbGp1Btsc-eWil-3fJDdSCJkRQiL4HQ9ZO6yW1LhyE&sig=Cg0ArKJSzOaGWtMyCCDaEAE&id=lidar2&mcvt=1111&p=1038,908,1288,1208&mtos=0,0,1111,1111,1111&tos=0,0,1111,0,0&v=20240313&bin=7&avms=nio&bs=1600,1200&mc=0.65&vu=1&app=0&itpl=19&adk=1543845779&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=669680400&rst=1710764003688&rpt=2580&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:27 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame AF14	0 10 B	21ms 21ms	Image text/plain	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?k6vPdw Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:27 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 3CBF	0 10 B	17ms 17ms	Image text/plain	2607:f8b0:4004:c1f::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?yq3KFg Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c1f::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers date Mon, 18 Mar 2024 12:13:27 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	dt dt.adsafeprotected.com/ Frame 9489	43 B 215 B	84ms 83ms	Image image/gif	2600:1f13:800:7780:7f42:b2c1:ce1d:2019 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1608565&asId=4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d&tv=%7Bc:7gM4sm,pingTime:1,time:2185,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:32%7D,%7Bpiv:65,vs:pp,r:,t:1184%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1184,n:0,pp:1001,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1174~0,0~50%5D,as:%5B1174~300.250%5D%7D%7D,%7Bsl:pp,t:1184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~50%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:96,fm:u7nhqkZ+11%7C12%7C13%7C14%7C151*.1608565-73384177%7C1511%7C1512%7C1513%7C1514%7C16%7C1711%7C172%7C181%7C1821,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:34,sis:198%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:7f42:b2c1:ce1d:2019 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:28 GMT server nginx x-server-name dt01.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	75ms 74ms	Image text/html	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403140101&jk=2171237421639881&bg=!-vml-bbNAAY_ejuoH3o7ADQBe5WfONX6qbYD83fDKTjTJaarXcwWZRkNUEoYaHAQLaonb-Mix7DHarJSUo4WIFFMmmXXAgAAAetSAAAABGgBBwoAXl0uJm_2TCu0Aeq7BEZy95x_Osnp49BDBwpyS3i1kmUIoMWQnMJPB5_mv6V1ArFiHOKVeYWPb3Nj43HCEVCcBVEqhcsAaNlq9MSxI57qMKCd4nVhqIG_xdDpvN0IrCWZAsLNwpMjYY6tP_bwcKJEH6P6fT1cnQlq4zvznkb7emgsGW1A0aQschC0utV577hwdgzMFuo6MR084dbUc0qPibQSAvJN-S65GPxrYiytSBFoJJhzZLkdFdb_1pd-x0rysjkkQ5GoZ54emBIBRqBkFAy9z1mtoqZytWG-UNooWX_PTA7gwrPHTgX5Yp7AFv1tEXZu39TgqP8rnvukj1HNFBeHbRkBPwIa8OhXw8-5D3pfXczNp2EV-c7Sl22ySJGBVSwcHqKHmv8nipJ3f6STbriNXxZmIMTV3qlX3Q3DuibuOGHZJCrmUj5ZzUrcQo3ZYM_jtiPAx8FZg4jdy1fRbauYPVGHS9YcNDP30Re3NpGl8VsdzWl36jp08VGbj0WqshMqc7LfmDvsV7MKMosRq_TUB_vLeydR03OpeYdf8j_SGCnttCQ4qSKV_wiOWHv1i4oCFMUvkXQaGjmoBBBAF8EZFKlazkkCVAX8G1KcKKp7LNH2N1Il5M8s07L-Aqio6U2blWYwYE6mkpBymwAKCxW1Dydc399-cRLaxGEudOT3hViSrMNMCA2KASPnzei9cpmdVNrzdVwJxnEtZ2vU7fVmSZ5ow1YLQE5qW8EvVHWUxaXk108zulGyynqk0dSEMjx8h8k1cIwRhBhWgkCRLfJ_ppM_9kYoBH7PfDU6baWX5DN0br916Q71W4Jt2a7E-7fIupURk5CdxnXqMQxKus_QqkGVr8neuHQWJIh1smhuunxsv4RfBPO-kuQbiXBAu4IqTy6XpD1Jzb5w4mUBe6UF3mOQM6u0GkTzKnQzgCPKdEObmwibW8uSFAc-ATcbVCEUqO2aJuhvjoF3qCYaxBoqeLoPLeI0dT2rNueXsQ6mpS-covMqK_-yDtqvUh6nRk4a5A6bebDHPoTqshcXe0UZq4Q-2jpZQzAhLJBbyhu5enUN Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 07DE	0 0	73ms 73ms	Image text/html	2607:f8b0:4004:c0b::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240313&jk=2390733360894535&bg=!NDelN3jNAAY_ejuoH3o7ADQBe5WfOPyB4f4n60P7pMoDlOu9O8UYibS9oDjfn7jo7aFjlxCEHA9Ap6VUBW5cVyIlWMNEAgAAAg1SAAAABWgBB5kC17PoIFruyAItRbhC6hFjKo3XLQcWcmSsapQnfwf7pMCPvf37P8o9yvcJTTWqoEkcajrNsIRSs8D0hdlY_xI9jAvMSFIgU1ucsw0RRzbCOEVGtFkypuaVO3hLMBGQrCNkH6caGoWNePPEHTzLMaApcg29C534U8tj8OUJwoaNk0-sRc9E3U4buFQ_4GfUkbpdtLMUYgbIXKaHkaV-DEM0WwEG9AgyexYuVLgxx-1BRXwjaEmRzc1f_laYyOOzkU1JEy3MbbHqrF09EEefx-4wzhOOqA6bKBoHoTkxC_Ju5aPdqXQ8Jfb4rEfxYNZp-TiXwa02tdi0keM7XvkzjbYABaFZEfkktpAgjmXafNXXDmJ9PGNm22IgV0g1hu-M_n4buJ-r7q9MDRnyYHN8gibHNt5rg573StfK6sm-IQmfgywH1p060qULpoHbyPRjQ3rJ004sj5xNSjUAMAIQJdzuo3c-H3yLFoCWBaSVTIW2XaQFpeMSBaXqJww3i6OiMpzncCJ4_xd5jC-cUjImNtd10q4T0RJMIzZDVoHAeBbkBFyPofPQydkJG8fFONns9IzHEEUwL-ZvN9vRudRC96Ez-HO3cAOrZ2NwwKcA5YmMee9i0wHENGTq3rr2wxCAm7rDoYlDThC3XdkCe0MRiXXSg1pRXzpJdVuxmjnwenmUSnQBCFYrX9soP5r3LRh0E_UFpwSOZ2POj5tW7xMxhdsvsSKiqWqbhayzmQ-U_AlCVv6OIWlZXZJe72e2zzdzQsIOyLNV44IQ8K41WQpl6eMU-KMcihEC7q630at_Pb45PyZxuDb5AD8kmjiYiBvZrFXQRr-Hks1pxbep3zP5JTUNpXzYpIK044rKeZ3ckPUnt21xDK9lC2aMBEzY4_wwy7tXjNmd1rD3huwqMTgWThqlRi-Xtl5S4nZIRBA8UA-QtWpN8VB4KjxcVOnwDUdR3p-QEaVdptDTzm8 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4004:c0b::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers
POST H2	204	collect analytics.google.com/g/	0 54 B	22ms 21ms	Ping text/plain	2001:4860:4802:34::181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-T9BJYJS9TW&gtm=45je43d0v887343506za200&_p=1710764001333&gcd=13l3l3l3l1&npa=0&dma=0&cid=1723967549.1710764002&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1710764002&sct=1&seg=0&dl=https%3A%2F%2Fwww.bonus.ch%2F&dt=Krankenkassenvergeich%2C%20Autoversicherung%20Schweiz%20und%20vieles%20mehr&_s=2&tfd=8556 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T9BJYJS9TW&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.bonus.ch/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:28 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bonus.ch cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 9489	43 B 215 B	94ms 84ms	Image image/gif	2600:1f13:800:7780:7f42:b2c1:ce1d:2019 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1608565&asId=4d5ff19d-dbf1-d3b1-54d3-72abf3f7230d&tv=%7Bc:7gM5uS,pingTime:5,time:6185,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:32%7D,%7Bpiv:65,vs:pp,r:,t:1184%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1184,n:0,pp:5001,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1174~0,0~50%5D,as:%5B1174~300.250%5D%7D%7D,%7Bsl:pp,t:1184,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:65,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~50%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:86,fm:u7nhqkZ+11%7C12%7C13%7C14%7C151*.1608565-73384177%7C1511%7C1512%7C1513%7C1514%7C16%7C1711%7C172%7C181%7C1821,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:34,sis:198%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7780:7f42:b2c1:ce1d:2019 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-US,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2024 12:13:32 GMT server nginx x-server-name dt22.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	204	unip Show response trc-events.taboola.com/1104625/log/3/	0 244 B	8ms 7ms	XHR text/plain	141.226.224.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Full URL https://trc-events.taboola.com/1104625/log/3/unip?en=pre_d_eng_tb&tos=10973&scd=0&ssd=1&est=1710764002226&ver=36&isls=true&src=i&invt=6000&msa=4620&rv=1&tim=1710764013200&vi=1710764002213&ri=d8ca30e780fbd29e26201844447d4ffe&ref=null&cv=20240317-34-RELEASE&item-url=https%3A%2F%2Fwww.bonus.ch%2F Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/unip/1104625/tfa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.bonus.ch/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers access-control-allow-origin https://www.bonus.ch pragma no-cache date Mon, 18 Mar 2024 12:13:33 GMT cache-control no-cache access-control-allow-credentials true server nginx p3p policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"