www.elzse.com Open in urlscan Pro
209.127.116.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.elzse.com/item/new
Effective URL:
https://www.elzse.com/user/login
Submission: On November 05 via manual (November 5th 2023, 6:58:35 am UTC) from DE — Scanned from CH

Summary HTTP 149 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 23 domains to perform 149 HTTP transactions. The main IP is 209.127.116.234, located in Piscataway, United States and belongs to SERVER-MANIA, CA. The main domain is www.elzse.com.
TLS certificate: Issued by R3 on September 8th 2023. Valid for: 3 months.

This is the only time www.elzse.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	209.127.116.234 209.127.116.234	55286 (SERVER-MANIA) (SERVER-MANIA)
12	169.150.247.37 169.150.247.37	60068 (CDN77 ^_^) (CDN77 ^_^)
6	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
4	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
1	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
11	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
10	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
2 11	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
22	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
3	142.250.185.74 142.250.185.74	15169 (GOOGLE) (GOOGLE)
7	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
6	142.251.161.94 142.251.161.94	15169 (GOOGLE) (GOOGLE)
1	108.177.15.154 108.177.15.154	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
2	74.125.108.201 74.125.108.201	() ()
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	91.228.74.159 91.228.74.159	() ()
1 2	104.18.25.173 104.18.25.173	() ()
1	3.33.220.150 3.33.220.150	() ()
1 1	35.190.0.66 35.190.0.66	() ()
6	142.250.186.130 142.250.186.130	() ()
2 2	213.155.156.168 213.155.156.168	() ()
1 1	35.208.249.213 35.208.249.213	() ()
3	142.250.184.226 142.250.184.226	() ()
1	216.58.206.34 216.58.206.34	() ()
1	142.250.185.98 142.250.185.98	() ()
149	26

5 209.127.116.234 (Piscataway, United States) 1 redirects

ASN55286 (SERVER-MANIA, CA)
PTR: mx233.dealsforhalf.com

www.elzse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 169.150.247.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-37.bunnyinfra.net

static.elzse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.161.94 (United States)

ASN15169 (GOOGLE, US)
PTR: ig-in-f94.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.110 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.108.201 (None, )

ASN- ()

r4---sn-1gi7znek.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.159 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.173 (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (None, ) 1 redirects

ASN- ()

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (None, )

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (None, ) 1 redirects

ASN- ()

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (None, )

ASN- ()

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 ade.googlesyndication.com	416 KB
27	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	789 KB
19	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 cm.g.doubleclick.net googleads4.g.doubleclick.net	204 KB
17	elzse.com 1 redirects www.elzse.com static.elzse.com	236 KB
13	google.com www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359	99 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 447	140 KB
4	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1181 www.googleadservices.com	602 B
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	163 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	179 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1173 r4---sn-1gi7znek.c.2mdn.net	946 B
2	de17a.com 2 redirects d5p.de17a.com	653 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
1	mediago.io 1 redirects trace.mediago.io	454 B
1	travelaudience.com 1 redirects ads.travelaudience.com	554 B
1	adsrvr.org match.adsrvr.org	150 B
1	quantserve.com cms.quantserve.com	465 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	92 KB
0	teads.tv Failed sync.teads.tv Failed
0	yandex.ru Failed an.yandex.ru Failed
0	adform.net Failed c1.adform.net Failed
0	uuidksinc.net Failed s.uuidksinc.net Failed
0	appier.net Failed a.c.appier.net Failed
0	simpli.fi Failed um.simpli.fi Failed
149	23

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com
17	pagead2.googlesyndication.com	www.elzse.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	static.elzse.com	www.elzse.com
11	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.elzse.com
11	www.gstatic.com	www.google.com www.gstatic.com googleads.g.doubleclick.net
10	fonts.gstatic.com	fonts.googleapis.com www.google.com
7	fundingchoicesmessages.google.com	pagead2.googlesyndication.com www.elzse.com
6	cm.g.doubleclick.net	googleads.g.doubleclick.net www.elzse.com
6	csi.gstatic.com	imasdk.googleapis.com
6	www.google.com	www.elzse.com www.gstatic.com www.google.com googleads.g.doubleclick.net
6	fonts.googleapis.com	www.elzse.com googleads.g.doubleclick.net
5	www.elzse.com	1 redirects www.elzse.com
4	cdnjs.cloudflare.com	www.elzse.com cdnjs.cloudflare.com
3	www.googleadservices.com	www.elzse.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	imasdk.googleapis.com	googleads.g.doubleclick.net www.elzse.com
2	d5p.de17a.com	2 redirects
2	r4---sn-1gi7znek.c.2mdn.net	www.elzse.com
1	googleads4.g.doubleclick.net	www.elzse.com
1	ade.googlesyndication.com	www.elzse.com
1	trace.mediago.io	1 redirects
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	www.elzse.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.elzse.com
0	sync.teads.tv Failed	googleads.g.doubleclick.net
0	an.yandex.ru Failed	googleads.g.doubleclick.net
0	c1.adform.net Failed	googleads.g.doubleclick.net
0	s.uuidksinc.net Failed	googleads.g.doubleclick.net
0	a.c.appier.net Failed	googleads.g.doubleclick.net
0	um.simpli.fi Failed	googleads.g.doubleclick.net
149	36

This site contains links to these domains. Also see Links.

Domain
www.themirch.com
www.facebook.com
www.pinterest.com
twitter.com

Subject Issuer	Validity	Valid
www.elzse.com R3	`2023-09-08` - `2023-12-07`	3 months	crt.sh
static.elzse.com R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-10-10` - `2023-12-19`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://www.elzse.com/user/login
Frame ID: 94F958BEC97D51E5DB8D82751F8238C7
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYvcYfAAAAAIXkkxIavtY6TmaxJxc176G9dw-x&co=aHR0cHM6Ly93d3cuZWx6c2UuY29tOjQ0Mw..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=8ix59z9xfw47
Frame ID: A5568ED2807FF7F880629D9B42BEAA19
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 93BEC8C7EB000DB8AEF532ED53C29113
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030198728032815&output=html&adk=2655925783&adf=3967345110&lmt=1699167510&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167509999&bpp=26&bdt=1653&idt=708&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4955364212498&frm=20&pv=2&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=740
Frame ID: E8DBF8BE477BDE4D7283DFB889793B10
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030198728032815&output=html&h=540&slotname=1354993823&adk=3172513012&adf=2868669181&pi=t.ma~as.1354993823&w=1080&cr_col=4&cr_row=2&fwrn=2&lmt=1699167510&rafmt=9&format=1080x540&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167510025&bpp=10&bdt=1679&idt=729&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=RYoa80RRkE&p=https%3A//www.elzse.com&dtd=734
Frame ID: 8F791DB5FB1347A5E16F634B94DB1BEF
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6LfYvcYfAAAAAIXkkxIavtY6TmaxJxc176G9dw-x
Frame ID: 582EFC8B80EF9B5076C1EA5360A945CE
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=1498063870&pi=t.aa~a.864218115~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540&nras=2&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Cp6aNl6Ksx&p=https%3A//www.elzse.com&dtd=260
Frame ID: 50DFF87582C26296E1F0B13C8026D213
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275
Frame ID: 4D47C6ACA9E43D34A315E8D031B7FBBE
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1
Frame ID: 40992E7FA041807174DCDDE20B2D473F
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: F555A982710BE7838C89130C6069D91F
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%2C500%2C900
Frame ID: 3C77B9EF89CF8299788718CAD658475C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A0FBAED66351271A779789C7FD3C52B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js
Frame ID: D473FBC00A6C6FB49C5B6B1ADF2CE38B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js
Frame ID: 1D055B60A658708132580BA3EF364416
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2297D5F2B535C3F89EADAF657A6E4FEB
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login into your account

Page URL History Show full URLs

https://www.elzse.com/item/new HTTP 302
https://www.elzse.com/user/login Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

149
Requests

89 %
HTTPS

0 %
IPv6

23
Domains

36
Subdomains

26
IPs

3
Countries

2319 kB
Transfer

8886 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.themirch.com/bl/item/new
Title: List Your Business

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ElzseClassifieds

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/elzseclassifieds/

Search URL Search Domain Scan URL

URL: https://twitter.com/ElzseClassified

Search URL Search Domain Scan URL

URL: https://www.themirch.com/
Title: Free Classifieds

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.elzse.com/item/new HTTP 302
https://www.elzse.com/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://gcdn.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/2C6E76FF856887F3F83408C3E5B00338AA07AA9E.29CC91B24C69D787D855E93A7B9DBED3A491E1F8/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-1gi7znek.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5673F78E9F54FDBAAA68897A4D8FA2D7FB93A8C7.08E34E56476E45952281D4F62D92AA19E14B8869/key/cms1/cms_redirect/yes/mh/qT/mip/188.154.92.63/mm/42/mn/sn-1gi7znek/ms/onc/mt/1699167155/mv/m/mvi/4/pl/15/file/file.mp4

Request Chain 104

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBLwZt6FSp26QjZywEE9vnA&google_cver=1&google_push=AXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CGNI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CGNI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLwZt6FSp26QjZywEE9vnA&google_cver=1&google_push=AXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CGNI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CGNI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 106

https://ads.travelaudience.com/google_pixel?google_gid=CAESENzl-ioNbt7seA8GgOkoUII&google_cver=1&google_push=AXcoOmR7LiouTaeC65ScfwwE4GY2Ldo35WNUxsrKPq3On0ALItzu_IDJ7IxVRfBglhrBvny93qVE0h98h8i8ETDIiX7F5ykSroX-vs8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ezgEdrzCQzUd35QIg-O5Gw&google_push=AXcoOmR7LiouTaeC65ScfwwE4GY2Ldo35WNUxsrKPq3On0ALItzu_IDJ7IxVRfBglhrBvny93qVE0h98h8i8ETDIiX7F5ykSroX-vs8

Request Chain 107

https://a.c.appier.net/gcm?google_gid=CAESEDdbKT51E2XwFp1G0S5xJiY&google_cver=1&google_push=AXcoOmTFfzGZepvMekWy3uCeUdeJE9wGNKAk3XeS_MA_EnE3UwvQE3Rp8OavTnE0T1yjC7t0Kh6dTUSCMCArOmETCJYdQwI3yWlQWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dWxZbWRJWkFCcENnblVkTEdqMUhaUQ%3D%3D&google_push=AXcoOmTFfzGZepvMekWy3uCeUdeJE9wGNKAk3XeS_MA_EnE3UwvQE3Rp8OavTnE0T1yjC7t0Kh6dTUSCMCArOmETCJYdQwI3yWlQWg

Request Chain 108

https://d5p.de17a.com/cookies/google?google_gid=CAESEBSrjNocBR4VWgcoPsbZL8E&google_cver=1&google_push=AXcoOmQM0yPey5BjmxFeMRr40qCFK0Uj_CVSFSuWnxZeaP489QNLU3yf3YMrtVJek7IvjkIAYcHDLyVplYr-7YnDL31hOFw19cB2VIg HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBSrjNocBR4VWgcoPsbZL8E&google_cver=1&google_push=AXcoOmQM0yPey5BjmxFeMRr40qCFK0Uj_CVSFSuWnxZeaP489QNLU3yf3YMrtVJek7IvjkIAYcHDLyVplYr-7YnDL31hOFw19cB2VIg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQM0yPey5BjmxFeMRr40qCFK0Uj_CVSFSuWnxZeaP489QNLU3yf3YMrtVJek7IvjkIAYcHDLyVplYr-7YnDL31hOFw19cB2VIg

Request Chain 109

https://trace.mediago.io/cs/google?google_gid=CAESEOxW0S5LXwLxwI53o3Cazm0&google_cver=1&google_push=AXcoOmSUH7r52dEx6RXZn3VvW1_2-6LEOFmTldEfUL13a79J44xUrLbvPkaGBTrwcMVceoInkSNHvoGg145DzOeiWp9Vqsflquxv2cV6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSUH7r52dEx6RXZn3VvW1_2-6LEOFmTldEfUL13a79J44xUrLbvPkaGBTrwcMVceoInkSNHvoGg145DzOeiWp9Vqsflquxv2cV6&google_hm=f34e969957849b8e1zlcf600lol4gsqz

Request Chain 115

https://googleads.g.doubleclick.net/pagead/adview?ai=CJV3IGD1HZYK8DNyNjuwPuIOJgAOz3p73c73auOPwEWQQASD___8PYPWFgIDYBKAB0_z21QPIAQmpAircdGgTAbI-qAMByAPLBKoE2gFP0OI4oizPwVhwX36O19Ly8kJMW1eDYKZHZY4F7NFPB4vuQL11myHNzhKwmKt6PkvAhdTUE_0Ihu5obGZ6e0X1Uzy4SemrW2W-L7X6FmmfiFc4EvzbhJ95P6x1epet1eujvLz5D0DZ4e17se6Vq14Ez6vD6vDz6FrcpfwT8l9VLS8CzK3HRnPowB0F1nMiu4SJuckgMJPajGJuevnSCe_dhM7znJ27Nwx5mtlAnV7NHa8g_HoRYyLiBt20dw6_1fK4y2eyHANbnLZSklg3S34rz7dIAY7sni5djsAE7Mnqv8YEiAXg7aGCTZIFBAgEGAGSBQQIBRgEoAYugAfmqq6RBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEN7sBNIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgltaHR0cHM6Ly93d3cubmlrZS5jb20vY2gvZGUvcmV0YWlsLz9jcD0yNTczMDU3MTU0M19zZWFyY2hfJk1hY3JvPS0teC0yMDY2NzIyMTcwMy0tLWMtLS0tLTkxODgzMDcmZ2Nsc3JjPWF3LmRzJoAKAcgLAZgM_cHGx7QEogwMKgoKCOS0sQLutbEC2gwRCgsQgKfDrqrFj7X-ARICAQO4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTYwMzAxOTg3MjgwMzI4MTUYAA&sigh=ywM8fyeTRq8&uach_m=[UACH]&ase=2&nis=4&cid=CAQSPADICaaN2RkCQmT-TBPD-TsVVmegkrwITJlpQEq5kyVCR2cwA3ctQWlJL7n60skZyuUyDmZ2ZgbsNXnUrhgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe9ef95c10203c650000000000000000%22,%222%22:%220x9b42ff9a5ac60aa10000000000000000%22,%223%22:%220x6d25a5961c68bb1e0000000000000000%22,%224%22:%220xc4dc7d1fd379fc4f0000000000000000%22,%225%22:%220xf6c1e237c06a88a50000000000000000%22},%22debug_key%22:%221329365587516835296%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2211-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215620982872679894401%22}&andc=true

Request Chain 138

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCtpL-5AhiRr_f6ASABMAE&v=APEucNV2xh82NG2OA2KxdZsZDM4jJHqk3Fpd3fQggSforHxN0ZLGC_ssla8kE2cX1fIhpzEY7OUnSUlMuNrO_heCkfj669IqrwHuNq-wbfGdxXmWXFoMGG8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Request Chain 144

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch1m9GD1HZZP_DOaPjuwPxdi1SLPenvdzvdq44_ARZBABIP___w9g9YWAgNgEoAHT_PbVA8gBCakCKtx0aBMBsj6oAwHIA8sEqgTaAU_QjvJfh3DqvJ0KcM4b2-EXBUwIqZedDXCIud7uWkVA4pdKSN_EtBxmD4WUWAwzef-XChxqflPfInenem__po4MLQF6v5yvilikp8qID4xZ4-BkBfTEks2I44KUBy684QJolBlSq8mjNPz4yEJr61ul28ubUM2c20pISTKu_5qu9vsv9rwd9dWtMeL6YAd3F85a4Z6YAGbbtFMFkgnWtNbbviSfp9IJFOgTnK_XiZO2dFNIbzq0ppWzTX4-Lie8VoTTF3v7pQQnDSx5wygtRFTJ4NTSMlejyS05wATsyeq_xgSIBeDtoYJNkgUECAQYAZIFBAgFGASgBi6AB-aqrpEFqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5YoF0ggUCIBhEAEYHzICigI6AoBASL39wTqaCW1odHRwczovL3d3dy5uaWtlLmNvbS9jaC9kZS9yZXRhaWwvP2NwPTI1NzMwNTcxNTQzX3NlYXJjaF8mTWFjcm89LS14LTIwNjY3MjIxNzAzLS0tYy0tLS0tOTE4ODMwNyZnY2xzcmM9YXcuZHMmgAoByAsBmAz9wcbHtASiDAwqCgoI5LSxAu61sQLaDBAKChCA_NG7_7C39S0SAgEDuBODBNgTDtAVAYAXAbIXHAoaCAASFHB1Yi02MDMwMTk4NzI4MDMyODE1GAA&sigh=lKnpakJA86Y&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNmpjxxg3EJK5fYHeOO1d6Mn7otTxcXX951rqAKdw_74FRpM9TKvcnJwqzZW4wLFHtutNRPG4j_RgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe9ef95c10203c650000000000000000%22,%222%22:%220x9b42ff9a5ac60aa10000000000000000%22,%223%22:%220x6d25a5961c68bb1e0000000000000000%22,%224%22:%220xc4dc7d1fd379fc4f0000000000000000%22,%225%22:%220xf6c1e237c06a88a50000000000000000%22},%22debug_key%22:%2218169845887687877023%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2211-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226260961812626729633%22}&andc=true

Request Chain 146

https://ads.travelaudience.com/google_pixel?google_gid=CAESENzl-ioNbt7seA8GgOkoUII&google_cver=1&google_push=AXcoOmTo3qeFOZa7BVBA5DORI4PNIZLwRvAELlsdjviXO3DCdsOaB4cOgveV74fhMbCkmS8Fu9bcKYAax_A56ruTcMaMlpR6FRinLrM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ezgEdrzCQzUd35QIg-O5Gw&google_push=AXcoOmTo3qeFOZa7BVBA5DORI4PNIZLwRvAELlsdjviXO3DCdsOaB4cOgveV74fhMbCkmS8Fu9bcKYAax_A56ruTcMaMlpR6FRinLrM

149 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
www.elzse.com/user/
Redirect Chain

https://www.elzse.com/item/new
https://www.elzse.com/user/login

80 KB
15 KB

538ms
538ms

Document
text/html

209.127.116.234
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elzse.com/user/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.127.116.234 Piscataway, United States, ASN55286 (SERVER-MANIA, CA),

Reverse DNS

mx233.dealsforhalf.com

Software

nginx/1.24.0 /

Resource Hash

15150ba9b5aad46912d13626ab3660f1debed849fa977fb113045ea855553bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 05 Nov 2023 09:34:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.24.0
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT from Backend
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 05 Nov 2023 09:34:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://www.elzse.com/user/login
pragma: no-cache
server: nginx/1.24.0
strict-transport-security: max-age=31536000
x-cache: HIT from Backend
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 style.css
static.elzse.com/oc-content/themes/delta/css/ 172 KB
42 KB 546ms
62ms Stylesheet
text/css 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-content/themes/delta/css/style.css
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 3596a5bb362f6a4f33d43b89660051beaa440f13f75ab071ee25dca5fd48ee0f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 10/23/2023 03:21:22
cdn-pullzone: 1669105
last-modified: Sun, 22 Oct 2023 09:47:31 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6534efb3-2b180"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 707b4b54f30e0f3a4f641fa36e1d20fa
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 responsive.css
static.elzse.com/oc-content/themes/delta/css/ 47 KB
12 KB 584ms
101ms Stylesheet
text/css 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-content/themes/delta/css/responsive.css
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 7d397cebdbf1b9780d0119cfb05b4ce96f3ba1f9ea7cab16056a34d8d12c5465

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 10/23/2023 03:21:22
cdn-pullzone: 1669105
last-modified: Sun, 22 Oct 2023 09:47:33 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6534efb5-bd7a"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: df098c98f03b38a7d207b825817b469b
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 529ms
70ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:wght@700&family=Poppins:wght@300;400;500;600&display=swap

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

a0a3ecb235805f172a98f0ed786685ea8b9df4da8451677774bad6c6161156d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 06:58:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 06:58:28 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/ 56 KB
11 KB 530ms
77ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 285909
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10134
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-dff5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6UzsWF94ve8jOAbxGSuMEMdGI8ade86vDmcGbOyHOCSPVbpww1kMxFNnNktrdj9YijjBu9WO7GzbKdaSpaKqp58AzZkMSJGaLKz5w%2B1zu8I%2FcVl6EDOWqMvs6%2BynMuHuT2WJOr7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 821335622ac0233d-ZRH
expires: Fri, 25 Oct 2024 06:58:28 GMT

GET
H2 200 jquery-ui.min.css
static.elzse.com/oc-content/themes/delta/css/ 29 KB
8 KB 582ms
100ms Stylesheet
text/css 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-content/themes/delta/css/jquery-ui.min.css
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 3096c34742cce1244f284469cf78e9e2b7bd12057a62c0a73823450fec66942f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 11/03/2023 12:33:15
cdn-pullzone: 1669105
last-modified: Fri, 03 Nov 2023 12:32:41 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 599
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6544e869-754b"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: d72f6745e7f6931045e13be914fb38d7
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ultimate.css
static.elzse.com/oc-content/plugins/ultimatePayments/css/ 15 KB
4 KB 582ms
100ms Stylesheet
text/css 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-content/plugins/ultimatePayments/css/ultimate.css
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8a82b857c4536fd803e50d2d83dbb6f7f5e3729cd4cac61ff385b3dfdffc4b11

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1082
perma-cache: HIT
cdn-storageserver: DE-664
cdn-cachedat: 10/24/2023 15:38:51
cdn-pullzone: 1669105
last-modified: Tue, 24 Oct 2023 10:25:02 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65379b7e-3b7a"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: a65e9aae1f5d2c5a19bac55cff8dafc0
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 style.css
www.elzse.com/oc-content/plugins/spamprotection/assets/css/ 258 B
540 B 190ms
188ms Stylesheet
text/css 209.127.116.234
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elzse.com/oc-content/plugins/spamprotection/assets/css/style.css?1699176883

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.127.116.234 Piscataway, United States, ASN55286 (SERVER-MANIA, CA),

Reverse DNS

mx233.dealsforhalf.com

Software

nginx/1.24.0 /

Resource Hash

a518bad84497efd6f6b5d041989d59ae68984903c3b92056b87df56e0f11d87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/user/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 09:34:43 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 10 Aug 2022 08:46:10 GMT
server: nginx/1.24.0
etag: "62f37052-102"
x-cache: HIT from Backend
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 258
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
static.elzse.com/oc-includes/osclass/assets/js/ 90 KB
35 KB 579ms
97ms Script
application/javascript 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-includes/osclass/assets/js/jquery.min.js
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 11/02/2023 19:46:18
cdn-pullzone: 1669105
last-modified: Thu, 02 Nov 2023 14:31:49 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6543b2d5-1698b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
cache-control: public, max-age=31919000
cdn-requestid: d65210fc9da678ca9b738d1c7891e0c1
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ultimate.js Show response
static.elzse.com/oc-content/plugins/ultimatePayments/js/ 1 KB
925 B 582ms
101ms Script
application/javascript 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-content/plugins/ultimatePayments/js/ultimate.js
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5f50a47e0f412b4c473b9655d9c72d5b7322fbbc6dcbfd5960f10ac5417f66a1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-677
cdn-cachedat: 10/24/2023 15:38:51
cdn-pullzone: 1669105
last-modified: Tue, 24 Oct 2023 10:25:02 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65379b7e-52f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
cache-control: public, max-age=31919000
cdn-requestid: 445d91189840348e51c4ead504b63c9b
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tabber-minimized.js Show response
www.elzse.com/oc-includes/osclass/assets/js/ 5 KB
2 KB 301ms
300ms Script
application/javascript 209.127.116.234
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elzse.com/oc-includes/osclass/assets/js/tabber-minimized.js

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.127.116.234 Piscataway, United States, ASN55286 (SERVER-MANIA, CA),

Reverse DNS

mx233.dealsforhalf.com

Software

nginx/1.24.0 /

Resource Hash

c8d71fce9311660e88ab07da1633391917afbdc59a805bed6d595371fdcb9f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/user/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 09:34:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 10 Jun 2023 09:30:35 GMT
server: nginx/1.24.0
content-encoding: gzip
etag: W/"648442bb-1328"
vary: Accept-Encoding
x-cache: HIT from Backend
content-type: application/javascript
cache-control: max-age=315360000
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 838ms
117ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6030198728032815

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

eeed07b42886c2fcf93a64add239a4debc683eb20c5c358e81b12d679c4749f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52192
x-xss-protection: 0
server: cafe
etag: 9627638154330810385
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 06:58:29 GMT

GET
H2 200 jquery.validate.min.js Show response
www.elzse.com/oc-content/themes/delta/js/ 21 KB
6 KB 322ms
321ms Script
application/javascript 209.127.116.234
SERVER-MANIA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elzse.com/oc-content/themes/delta/js/jquery.validate.min.js

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

209.127.116.234 Piscataway, United States, ASN55286 (SERVER-MANIA, CA),

Reverse DNS

mx233.dealsforhalf.com

Software

nginx/1.24.0 /

Resource Hash

383e81584ef323f25e77868ee3d631388a4a6bcf9ec51e26be9ddcd5f0750d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/user/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 09:34:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 16 Mar 2022 08:28:36 GMT
server: nginx/1.24.0
content-encoding: gzip
etag: W/"62319fb4-5289"
vary: Accept-Encoding
x-cache: HIT from Backend
content-type: application/javascript
cache-control: max-age=315360000
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo.jpg
static.elzse.com/oc-content/themes/delta/images/ 15 KB
15 KB 76ms
76ms Image
image/jpeg 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.elzse.com/oc-content/themes/delta/images/logo.jpg
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 88477b43c91f83af4307812200cc368d050a0f34e1e37672d3d8be94f359ee23

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-587
cdn-cachedat: 10/26/2023 01:45:25
cdn-pullzone: 1669105
content-length: 15266
last-modified: Tue, 24 Oct 2023 05:39:02 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 709
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "65375876-3ba2"
content-type: image/jpeg
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
cache-control: public, max-age=31919000
cdn-requestid: c16b790e2cd7534d5487e2f0fb50a41f
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 535ms
77ms Script
text/javascript 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

d53237a1856c0e9197eb819d2c6b2f71955ea5d838fc58e5fa08c0b3912badee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 05 Nov 2023 06:58:28 GMT

GET
H2 200 no-image-240x200.png
static.elzse.com/oc-content/themes/delta/images/ 1 KB
2 KB 83ms
83ms Image
image/png 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.elzse.com/oc-content/themes/delta/images/no-image-240x200.png
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 0a5fd33cd3712dc83d725f059dcc74cc64c237a62ced9a6e066f539acc9b7067

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-164
cdn-cachedat: 10/22/2023 10:16:42
cdn-pullzone: 1669105
content-length: 1441
last-modified: Sun, 22 Oct 2023 08:23:53 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 383
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: "6534dc19-5a1"
content-type: image/png
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
cache-control: public, max-age=31919000
cdn-requestid: c702cf62c7944f34e634f8d132cd92ea
accept-ranges: bytes
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.validate.min.js Show response
static.elzse.com/oc-content/themes/delta/js/ 21 KB
7 KB 62ms
58ms Script
application/javascript 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-content/themes/delta/js/jquery.validate.min.js
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 383e81584ef323f25e77868ee3d631388a4a6bcf9ec51e26be9ddcd5f0750d9f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:28 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-663
cdn-cachedat: 10/23/2023 03:22:22
cdn-pullzone: 1669105
last-modified: Sun, 22 Oct 2023 07:16:12 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6534cc3c-5289"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
cache-control: public, max-age=31919000
cdn-requestid: adf90557abacb8380f1c5d7625d89157
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-ui.min.js Show response
static.elzse.com/oc-includes/osclass/assets/js/ 223 KB
65 KB 78ms
75ms Script
application/javascript 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-includes/osclass/assets/js/jquery-ui.min.js
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 5e4e0c1a2d7b2f4d3835b1ea8f0c7c538e5a46e0b6b29258c5fbdf1d1b4480ba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-382
cdn-cachedat: 10/23/2023 03:21:22
cdn-pullzone: 1669105
last-modified: Sun, 22 Oct 2023 07:16:12 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 587
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6534cc3c-37ade"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
cache-control: public, max-age=31919000
cdn-requestid: 8438490ef52bec95299f7af010d0f4fb
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 5 KB
2 KB 76ms
75ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 285914
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2090
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-139e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWnUNGvjfJvZAhipSpr5rJZaEKJ%2FHauXpZVsWowPjqniVQnF2gZY6u%2BGL6EjBRGJ7ePSF48e3rGsxUTIgbOe7MkcinC6iwNHqce3hjEbBe0bq05Uz9EimI8TvuahNL2efvzPaM4f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 821335633ca6233d-ZRH
expires: Fri, 25 Oct 2024 06:58:28 GMT

GET
H2 200 global.js Show response
static.elzse.com/oc-content/themes/delta/js/ 69 KB
17 KB 78ms
77ms Script
application/javascript 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-content/themes/delta/js/global.js
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: 7d8b085f2fb389ba329a69204faf09b83bfd16008ff4ac9ad12b7b97fbb18ec3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1081
perma-cache: HIT
cdn-storageserver: DE-383
cdn-cachedat: 10/23/2023 03:21:22
cdn-pullzone: 1669105
last-modified: Sun, 22 Oct 2023 07:16:12 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 588
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"6534cc3c-11392"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
cache-control: public, max-age=31919000
cdn-requestid: 9a1d77483506ce2cc7b937a91ca450d7
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cookie_consent.min.js Show response
static.elzse.com/oc-content/plugins/cookie_consent/js/ 5 KB
3 KB 78ms
77ms Script
application/javascript 169.150.247.37
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.elzse.com/oc-content/plugins/cookie_consent/js/cookie_consent.min.js
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 169-150-247-37.bunnyinfra.net
Software: BunnyCDN-DE1-1080 /
Resource Hash: bb79e1a86e012eaf6f83b91ae8b2a33d73e9a24d48b9d17a6cdbd869dfafaef9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:29 GMT
content-encoding: br
cdn-edgestorageid: 1080
perma-cache: HIT
cdn-storageserver: DE-588
cdn-cachedat: 10/24/2023 15:38:52
cdn-pullzone: 1669105
last-modified: Tue, 24 Oct 2023 09:50:12 GMT
server: BunnyCDN-DE1-1080
cdn-fileserver: 382
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"65379354-142e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 626afbeb-d01b-44af-a6eb-94864d5ab790
cache-control: public, max-age=31919000
cdn-requestid: b29c3bbf81a767dc4f158b575d078714
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
92 KB 794ms
80ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=G-MNK65XTGQR

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8f3fb34b7b97a370f271c935fa7dbd4de91f03fe16355d1ab5008ef116852f70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93424
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 06:58:29 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ 467 KB
188 KB 781ms
65ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 21:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191376
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Nov 2024 21:50:57 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 764ms
79ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@700&family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 17:02:00 GMT
x-content-type-options: nosniff
age: 482189
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 17:02:00 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 746ms
61ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@700&family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:35:17 GMT
x-content-type-options: nosniff
age: 170592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 07:35:17 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 74 KB
75 KB 737ms
73ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53d01bef7d50d0f0d9430748fae0c7a7d4082c60778a4945de398383f46ebfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:29 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 357999
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76120
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12958"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3W3F7Jeg1FRuCB7j1XY0H5vU3KC2Pv6M5tyHoOio8A2vESS7YHUIh7RNAdpRk2DhBGTrCf7nxooP4Qiakhcqs%2FGr%2Fp61bpIrRUQREy8O3UT9kicoYAFcwpc4y6O2VlhNf86sImj"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 821335678e2523f7-ZRH
expires: Fri, 25 Oct 2024 06:58:29 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 766ms
82ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@700&family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 07:52:07 GMT
x-content-type-options: nosniff
age: 83182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 07:52:07 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787z5vBJBkq0.woff2
fonts.gstatic.com/s/lora/v32/ 19 KB
19 KB 746ms
63ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787z5vBJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@700&family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

09aa3db4ed80078e75a8db69fb15792e73c62d89dcce10b935024f952ac3ef2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 20:44:17 GMT
x-content-type-options: nosniff
age: 123252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19308
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Nov 2024 20:44:17 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 767ms
84ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@700&family=Poppins:wght@300;400;500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 18:56:09 GMT
x-content-type-options: nosniff
age: 216140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Nov 2024 18:56:09 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/ 75 KB
75 KB 717ms
55ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0c49a5b6a68b632cb69b5cb945ae2c431e32e040f311f539a4ddf4423f4bb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.12.1/css/all.min.css
Origin: https://www.elzse.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:29 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 279431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 76548
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12b04"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QRadZrMLrIIsgegkpW2I9Q9aBWR7YyiIIXhnwZMh0V%2FNuoRp5oChC7ltD5uFP7nm8XfkCeU8i21CTjl%2BWAJmC2VLa06n9ndKCftxjfnoQ2L7emxR4FwmoQZ1Rue%2BI0HyozgipG08"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 821335678e2723f7-ZRH
expires: Fri, 25 Oct 2024 06:58:29 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A556 59 KB
34 KB 331ms
330ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYvcYfAAAAAIXkkxIavtY6TmaxJxc176G9dw-x&co=aHR0cHM6Ly93d3cuZWx6c2UuY29tOjQ0Mw..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=8ix59z9xfw47

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

046844e9848cfa6c24f1f33da2e65467d48c867c5ff5d2f3b5fb24efaefe3142

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1d2Da1J7FY4fsYi7n4L73A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elzse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1d2Da1J7FY4fsYi7n4L73A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 06:58:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 399 KB
135 KB 598ms
117ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6030198728032815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e8ae4120241837e91809a58a633705716768d96ffec8dc94c5ece0afae30b9c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138207
x-xss-protection: 0
server: cafe
etag: 9854624675757596821
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 06:58:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 93BE 10 KB
5 KB 524ms
71ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6030198728032815

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 77540
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 09:26:10 GMT
etag: 251720774729838433
expires: Sat, 18 Nov 2023 09:26:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame A556 55 KB
25 KB 507ms
59ms Stylesheet
text/css 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYvcYfAAAAAIXkkxIavtY6TmaxJxc176G9dw-x&co=aHR0cHM6Ly93d3cuZWx6c2UuY29tOjQ0Mw..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=8ix59z9xfw47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Nov 2024 03:55:03 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame A556 467 KB
187 KB 524ms
77ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 21:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191376
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Nov 2024 21:50:57 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
602 B 516ms
61ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.elzse.com&callback=_gfp_s_&client=ca-pub-6030198728032815

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

34a16a10d3daef4a5f781a12d41c550f5c077c31e63d5c5b8442cced6191a971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E8DB 201 KB
53 KB 508ms
506ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030198728032815&output=html&adk=2655925783&adf=3967345110&lmt=1699167510&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167509999&bpp=26&bdt=1653&idt=708&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4955364212498&frm=20&pv=2&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=740

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7ca7010bb9f21634a81fb08afb59e9cd1984f1cb2ba421419b5891ee81ad1d3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 54456
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 06:58:31 GMT
expires: Sun, 05 Nov 2023 06:58:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 90ms
89ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=body-banner&cls=bleft&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
122 B 89ms
89ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=body-banner&cls=bleft&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F79 83 KB
26 KB 303ms
303ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030198728032815&output=html&h=540&slotname=1354993823&adk=3172513012&adf=2868669181&pi=t.ma~as.1354993823&w=1080&cr_col=4&cr_row=2&fwrn=2&lmt=1699167510&rafmt=9&format=1080x540&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167510025&bpp=10&bdt=1679&idt=729&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=RYoa80RRkE&p=https%3A//www.elzse.com&dtd=734

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3e89636b07d3ebd0018d7dae4cee356dfaa2850901577b23eb73348d8d9abdeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25956
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 06:58:31 GMT
expires: Sun, 05 Nov 2023 06:58:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A556 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A556 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A556 2 KB
2 KB 44ms
43ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 15:15:26 GMT
x-content-type-options: nosniff
age: 229384
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 09 Nov 2023 15:15:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A556 15 KB
15 KB 42ms
41ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 100827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 02:58:03 GMT

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame A556 102 B
209 B 55ms
55ms Other
text/javascript 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

1c8bb9d1a8eec9d58deb70c22a52e8bc5bcfd0f57eb7ba9a3a3f3312c184da91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfYvcYfAAAAAIXkkxIavtY6TmaxJxc176G9dw-x&co=aHR0cHM6Ly93d3cuZWx6c2UuY29tOjQ0Mw..&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=normal&cb=8ix59z9xfw47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 05 Nov 2023 06:58:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 8F79 23 KB
9 KB 579ms
67ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030198728032815&output=html&h=540&slotname=1354993823&adk=3172513012&adf=2868669181&pi=t.ma~as.1354993823&w=1080&cr_col=4&cr_row=2&fwrn=2&lmt=1699167510&rafmt=9&format=1080x540&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167510025&bpp=10&bdt=1679&idt=729&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=RYoa80RRkE&p=https%3A//www.elzse.com&dtd=734

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 03:09:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8F79 8 KB
848 B 107ms
106ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 06:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 06:28:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 06:58:31 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame 8F79 15 KB
3 KB 548ms
46ms Stylesheet
text/css 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 12:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 10:40:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 12:56:22 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/ Frame 8F79 374 KB
130 KB 548ms
48ms Script
text/javascript 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 12:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132916
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 10:40:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 12:56:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8F79 20 KB
9 KB 565ms
59ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41911
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:00 GMT

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 160 KB
55 KB 110ms
109ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

22a885ff326e4064155c528cf6447c1fb0db534821097cdebad721471a4cb79a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55825
x-xss-protection: 0
server: cafe
etag: 77021769585428612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 06:58:31 GMT

GET
H2 200 ca-pub-6030198728032815 Show response
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 531ms
74ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6030198728032815?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

1e72506478f316e1c7571503361c572d7974ee5c86acfa487938af3c700481a6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b8OTdEKqvfJTYw0K_eZXXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b8OTdEKqvfJTYw0K_eZXXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 111ms
110ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pfno&evt=place&vh=1200&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&hl=en&pvc=3639219329833334

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 94ms
93ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=pfeofe&evt=place&vh=1200&eid=44787782&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=3639219329833334

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 582E 7 KB
1 KB 79ms
78ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6LfYvcYfAAAAAIXkkxIavtY6TmaxJxc176G9dw-x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

07f37319b0d32f606bf3861255008178a0007342dd99409e801993297f9a3751

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e20fCbZqXnsTW5QurnSLZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elzse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-e20fCbZqXnsTW5QurnSLZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 06:58:31 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 582E 55 KB
24 KB 43ms
43ms Stylesheet
text/css 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6LfYvcYfAAAAAIXkkxIavtY6TmaxJxc176G9dw-x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Nov 2024 03:55:03 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/ Frame 582E 467 KB
187 KB 61ms
60ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6LfYvcYfAAAAAIXkkxIavtY6TmaxJxc176G9dw-x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 21:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191376
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Nov 2024 21:50:57 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F79 0
235 B 834ms
162ms Ping
image/gif 142.251.161.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lol4gr52&c=2202635235609&slotId=1101317617804.5&qqid=CNGklJ-krIIDFYS7dwodecoMEw&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.161.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ig-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F79 15 KB
16 KB 53ms
52ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 18:18:43 GMT
x-content-type-options: nosniff
age: 477588
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 18:18:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8F79 15 KB
15 KB 47ms
46ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 23:02:07 GMT
x-content-type-options: nosniff
age: 460585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 23:02:07 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F79 0
57 B 105ms
105ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CWHe2Fj1HZdHBMIT33gP5lLOYAcyhqKNy19n94vwRwZG87fQvEAEg____D2D1hYCA2ASgAan_5cYByAEFqAMByAObBKoE9QFP0DMnL-DRcPZm0PPxywCXFPh9S_Ikhkt36QgG_TbVJM5jjYk6pcKKhs6WNhYBexON2uO4cOm2zALsKOfMNzmdDUPPAnnsZfh_F2XyPCVOEkXPuIax4Rte2i4E_Cb8G9rGWDcbIq94EVhOnt7W5Hl-ewvZMuhmZe6R5G4RKHvSjnS4CwpEjU9SFc9CzwrG1VWbbhlylWdbADIPtWFMDuyKODdhevmHGPDUYfEGKsw1ZdB63ABYJIuGvxTPwzCG-lgcQNfbXCme7VgD9fuNZ0U9ikvi82uoB83_6TO6yw77_43PogPMIytsE0ZTqP77PbX5gE1bqcAE6Y_y7aAE4AQDiAXHs4exSJAGAaAGToAHv4CauQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATp8X2FNgTDYgUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1699167511936&ai=CWHe2Fj1HZdHBMIT33gP5lLOYAcyhqKNy19n94vwRwZG87fQvEAEg____D2D1hYCA2ASgAan_5cYByAEFqAMByAObBKoE9QFP0DMnL-DRcPZm0PPxywCXFPh9S_Ikhkt36QgG_TbVJM5jjYk6pcKKhs6WNhYBexON2uO4cOm2zALsKOfMNzmdDUPPAnnsZfh_F2XyPCVOEkXPuIax4Rte2i4E_Cb8G9rGWDcbIq94EVhOnt7W5Hl-ewvZMuhmZe6R5G4RKHvSjnS4CwpEjU9SFc9CzwrG1VWbbhlylWdbADIPtWFMDuyKODdhevmHGPDUYfEGKsw1ZdB63ABYJIuGvxTPwzCG-lgcQNfbXCme7VgD9fuNZ0U9ikvi82uoB83_6TO6yw77_43PogPMIytsE0ZTqP77PbX5gE1bqcAE6Y_y7aAE4AQDiAXHs4exSJAGAaAGToAHv4CauQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATp8X2FNgTDYgUAtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F79 0
46 B 789ms
166ms Ping
image/gif 142.251.161.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lol4gr5w&c=2202635235609&slotId=1101317617804.5&qqid=CNGklJ-krIIDFYS7dwodecoMEw&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.xz&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.161.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ig-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 8F79 30 KB
18 KB 291ms
117ms XHR
text/xml 108.177.15.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CCt4yX6YkhU9ljt8LZeWHqGfzrafXa3TNUYkuO7Y3QNIKlPmzRQq6hROJBhLHTPLGhITSVbcCFisaDZaZQmsSwSrvZjQ&cry=1&dbm_d=AKAmf-ADzyQ4fzs0UE50UzVUHBMKLZVe5F7CNn1qBFDXUb6n4i7S1JdZMYoLmkglD_sZxygGYr9W5-C-XSEcZm3DNTgrjRYAvtk0rLu_jGsrk5fhL67u5XxtwQsoDRCK0X99Nkdn9sfwiO-BjXHty8bAZeb6H9H84bNm2p9bOSIPe-N1IGNtygAaUZkS9WyB0gDt2GhB6qsTmXu6ci7WtwkRa9bvp9jo9TLswxQvRb16fquuuwfLKoW7CrDioqJKajcZg1YG40-PXZeEZRobrvSQ_PqbwHs7tc1Fejq-VRwQonb4NMFrZQdNStLfmGh4mLCZfqISUaph6eQQKhBTgY-Hd9fxtXeQE0EHZs0hwjutGwmXEEmcyTIsiy5lVlFiNQ926YyjU7PW1wkM2iI6RzXZ-9a2bLGoVx5GAGJlxSJiTJLu7rVgV1CIfKd_DxpgiNfuvfhXxIJ6aWk_J449875vp-EhVswnzd6gE0AcxmYLOav8kq2XdoE0DMDZsKVHE12tF2nzW7VMa_q3x7cs0LA2-_rStzwBKcFqvzbfIwnmum04vyw4H4s2PeRtARg284SeXuOaHpg2ncEZw2HdaTzNBi3BunOAQf7nyEyqxSd7RCSHX7idY47Z6i8Yv0XJ0GgFKtuyK9HfB7wuLnWl3j4cmlWe5cCOSpiESAECA8ml54JPtu2oiLYKnEUaEhhTVMiw0AyMgjWAgzbHV4IpLTR9iwvFdgj1VuRjjq-wVnslHMoU-06YMT7tYvfbEmVODY2vKMH4Jqt3OMG9sf5SYfO9ydjxIUxtHKChB3RUcI9RGuS9QvJcZ_o3PDqnxV9789CDGUncvb2NLyPeWTmZ8LPdiQ534Es712St_Lg7vDq0_X-OsMeKT0CtNPdotJ5jtWn7tYRVG12B-AlKrJj05U98lNPbsL8WwA9SR0DPvA_RiPm_puz4cpRRFbLlxfz8H-_M3jJxicMekM2bzIqfj3Yxj7x9LmcydvZFFLloBvg8lDek6Wy4Oj3FEMO0te_3R1p_Ngf6NiJh7ZZSZVsuQkthW4ynAC2_oV1O4btZAXhudPzzU6avSImc-HnNMWqDLJPT4RHE7HIn-b1P3smd0dBu47cvM9z8Svq6FG9_NwIWU9VFNJABEfNfbqm-0prnIg17aaoSLevv-yZrLA1P-rXqQTEmF3Xh_nJB4RpaDXK0vI2YRPYXKjadv4oJ49F80qXu-F7C8q8-XTsezbIxf0MC5L4nPuTipI20lTinLjNmMYfaR6rKg55R0YBvzcXK1vLG9ebeXo2fzz_yb43l9yQIpCTGgk4qRtNRwgAsdn_yN8nWkH1gr-OtRQivC0tJq7EBEogiMGpJlPOoov19xWHmfREOBnGEusrzGJxX0Qk_4iQx4C1xJYTYLlvMERTJGEnK93HSGMwGolPRwOSiB4GZ4mpYrW8_yMBHRRKIJSKk4YEXBw7uP3_mdUxpG-zROCJZrjB2R6efjM-eyzOr-F86o2ofIT-ndQirT66ZyBEQqxckJZVkdKAsUFFHUnWS_5BbSyfAf5yMdTGO0Cjr29mA9FbPSwfHkiJ0P5nTgOU-W7KebMHcP8Et7-DbQJqqPVZILfsbDKZNB88OpJqBJqcGyUU3cO_H1a0Zu7fuBvt4IL-VVj89Q8vE9e-HilYz0Qt8ONKfcnObeTCGAICCmpDtcnIYLX3iyScS5-hKSRYT2meKfOlaO4spnSof5wftr7pCXemogFBrSVDIktnjudGAKHB3LOs2uD2xAzRhebRjj5YddZhY2L69njouD5FawydeRnhGlkcXsiXgfH972LJLtM0MAdasGup2A8g3H1fEPxmQkJ_awJRc74Ffoq04aKn74k89Mj_wFKwyG9iIgsYukYLltxGCxfKTJ9tKFYYXDIp45-5c1w34HRhgZGe8jM4uzlZNVo9LQDKtzFqAgFhb_KBslhh0wmFTUvE7tflo03d3bSLDw1w32cGlTUGRoUUzna7eQ7_E07gqKeMgUJqr_YGmzE7cjvlBnVmIZPZbeOWl-KK1Il7Twp7jxuLKlFnjJaCRR5VVzrunJH_7k7ZQNV0BE7Dz3tSVXJqpB5tUfKiYmDshCgWYv2wRLznCGVIGcNo8C_Yh-_1RwyUjsohBl5RxOF3iU-N__NeTIS6AM5PLTVuSXpld7IChl72dvX6HsImY-m6dTIp-F3Ylti1ZH7A0aeI7Fidi-o51kz2lWo9IlOMo2bWBnqcOT2HuBVpH0GKKP6Vkzotjwyu_N7rS2Lb3f49NAt8aFQAri8o78ahnhSl8nZcUGITvqxhKQ94BHc61F8bEUQEhq-P_QMTRspMvKHMB_H66TXShjTih4IwzZKi6MzoyN2qd1Z8p1zo8YTpZ7y9vyAaDGbeCrsxtKlIHDh7kwZ7axvu_U_zblLSzySbdrZpRxFIfBuTkV90rhhaB_bD9ytunqVtTMtVNVt3ch8NvUZBVs60oI-Subkm1NgP5tVuQfEXZT0GX4NO_yKQwU-tupmH0V02vlcj75lRnAdX4JRQc7RP4EMzufk5cU9JgJuZndYl13WNjWGe8YfZMiHdbV-xPVIl_xi-W2SAOieMywqGMKelbwRJ2iQ6tS9goGGvtwSHka4eB1DsiLOf5GvMKK5YXoGwITFj2aQ6ql230oL4POS73sPWH08Kmfhvt-tRriBF4RtlRJY9vL-1mmVtac_gbelR7TNTKtcti-Ypq4nXaulBIInXj4bvh3TOQkwLrJNmxYKyet_Qm4zIDnagXKXqKmT34uzFj02Sni5RAVoLjVJ0_VD_dbgXuCy95jPsrQcWFU9uJ3U6SlHJuyBmpst21CCm7E9tCh5S0RLkHdw67xukWsjAdnAhsSA3BPULq3XscZNaSslzZS6eisIu7xMv0kZm4al5GN5TQ6nQM4N6ndjI9jeOxaQB2oDz5-s3dWueZJI7dheTdiQj53C6RLodi3-8Q3JrYkpacfO2gAW5QGk5_nHmYfiigvcPHmlwZcDOQ85BbRUg8MxGadiCofILwXbljt_c2CAZdX3JlCWn4YaTJLjpMpXEXjKa4tqCgFGYEQ-zYjsrDiHeEKT-51TcH2oVufkTFqTvxJ9KXEJv46bQW77pgfba0jIWo0PYqCEWSLD9GTZ7_xsWPvpEOJsgNbweUDuANas2BElweG1xsIwOvxyQ_rRVkSMy04z7d1_i2516Yux6mu6o_eZHvxy2r9_F1uqnJuXHMySI6uIBxJxSAisuvd3Aue0TrDkAjVihCbuHIIVooCz4vQcq94zFO4cGmYPsgvhD_NHxJ6xcq4A4GyiIIgZBXIs7pNl_jq-2xTXYi-AsWbQ88FwJvbjX58avcCDB_-_waw0X44iQdI2u7wDKOk4RQIew7Mqu2T7-uTy2K6YSbv4-4m-EqQB3N-opjf5uFCMZeHg-N1WPikrnHY34bKDFE8HZHp1kIb-LT1G8FCv9159XkFGdUN5bNtTpgCa9hXBuOwD94IIinBOOPOdtdRWpl2XY3wRl8-DxtL6AK2lK2R7A5nC1c&cid=CAQSTADICaaNhTAUn3ErRKgNqfDOkQRQLisXxESc6ZJV6qMkQ8Waf8X5qFk8A2Ngbns29pWlCd9gkC03a5JnMxXwSToeRhFrtlIvVxRul3QYAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f154.1e100.net

Software

cafe /

Resource Hash

c406c78f68b0fa0ca078d9d8f9d33a07e08562804e151b3e5d8aee40b277abcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17684
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8F79 0
0 132ms
132ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnzIAFj1HZdHBMIT33gP5lLOYAcyhqKNy19n94vwRwZG87fQvEAEg____D2D1hYCA2ASgAan_5cYByAEFqAMBqgTyAU_QMycv4NFw9mbQ8_HLAJcU-H1L8iSGS3fpCAb9NtUkzmONiTqlwoqGzpY2FgF7E43a47hw6bbMAuwo58w3OZ0NQ88Ceexl-H8XZfI8JU4SRc-4hrHhG17aLgT8Jvwb2sZYNxsir3gRWE6e3tbkeX57C9ky6GZl7pHkbhEoe9KOdLgLCkSNT1IVz0LPCsbVVZtuGXKVZ1sAMg-1YUwO7Io4N2F6-YcY8NRh8QYqzDVl0CLd6lws-QiNhhErl-44_2PNVu_sqJEMryMVJNlDT7mDYvoDrUcnLSo5HpTTxWtmuX8B_OAPM7DO-TtqrFD-NL4bwATpj_LtoATgBAOIBcezh7FIkgUGCAMQARgBkgUGCBsQAxgBkgUMCCIQAhgBSJisfFABkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe_gJq5AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEIyBDxiRr_f6AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6gAoByAsBogwMKgoKCOS0sQLutbEC2gwQCgoQ4KzoifSnp69aEgIBA7ATp8X2FMgTuanh4QPYEw2IFALYFAHQFQGAFwGyFxwKGggAEhRwdWItNjAzMDE5ODcyODAzMjgxNRgA&sigh=MheI4sBGoKw&uach_m=[UACH]&ase=2&cid=CAQSTADICaaNhTAUn3ErRKgNqfDOkQRQLisXxESc6ZJV6qMkQ8Waf8X5qFk8A2Ngbns29pWlCd9gkC03a5JnMxXwSToeRhFrtlIvVxRul3QYAQ&vt=10&nis=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030198728032815&output=html&h=540&slotname=1354993823&adk=3172513012&adf=2868669181&pi=t.ma~as.1354993823&w=1080&cr_col=4&cr_row=2&fwrn=2&lmt=1699167510&rafmt=9&format=1080x540&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167510025&bpp=10&bdt=1679&idt=729&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=RYoa80RRkE&p=https%3A//www.elzse.com&dtd=734
Attribution-Reporting-Eligible: event-source
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Nov 2023 06:58:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Nov 2023 06:58:32 GMT

GET
DATA 200
OK truncated
/ Frame 8F79 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: caed8f917d91a12f15ae0d00b1a50971d6ca29ed3c06a3eee53ea81e252beadc

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50DF 160 KB
48 KB 779ms
776ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=1498063870&pi=t.aa~a.864218115~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540&nras=2&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Cp6aNl6Ksx&p=https%3A//www.elzse.com&dtd=260

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

de4d56327948be28e205fd63ee0f5c6d3bb412e2ade1d3b295f7b0d6de21aa96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 48892
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 06:58:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D47 159 KB
47 KB 1395ms
1394ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

47afad0ba4f922125c5d08a40a639a8b16a02e4bc90486730cb0ab64a230969b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 48536
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 06:58:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/ Frame 4099 10 KB
4 KB 57ms
57ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 36271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 20:54:01 GMT
etag: 251720774729838433
expires: Sat, 18 Nov 2023 20:54:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxU4_p1KZm3FFX5yrhF2-wbt2T8YkFMwCO_Y5cwC0WK9PFtVWMOSz2E36q3oAoaY8escDKGQfvgjK2fts7Kg58BXjRqyksruNarxsKwZN1dmVYik_vyZ0I3vFw2fcfKcW7MsMla2pg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 90ms
89ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU4_p1KZm3FFX5yrhF2-wbt2T8YkFMwCO_Y5cwC0WK9PFtVWMOSz2E36q3oAoaY8escDKGQfvgjK2fts7Kg58BXjRqyksruNarxsKwZN1dmVYik_vyZ0I3vFw2fcfKcW7MsMla2pg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk5MTY3NTEyLDI1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuZWx6c2UuY29tL3VzZXIvbG9naW4iLG51bGwsW1s4LCJHOGZ1eXlIZ21ZQSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/am=CAM/d=1/rs=AJlcJMx_jpkMhP9dhh32T7DHO3r_YSDUJg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

7be401b49ca8017151981a80193f8cd339ac0c6c4721beae20810988efc9d1d0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jH8S0Qw1f6cU2om8Rqyw0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jH8S0Qw1f6cU2om8Rqyw0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F79 0
55 B 456ms
163ms Ping
image/gif 142.251.161.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lol4gr78&c=2202635235609&slotId=1101317617804.5&qqid=CNGklJ-krIIDFYS7dwodecoMEw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.161.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ig-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 8F79 41 KB
15 KB 48ms
47ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 15:06:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57115
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Nov 2024 15:06:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-1gi7znek.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8F79
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-1gi7znek.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

601ms
60ms

Fetch
video/mp4

74.125.108.201

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-1gi7znek.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5673F78E9F54FDBAAA68897A4D8FA2D7FB93A8C7.08E34E56476E45952281D4F62D92AA19E14B8869/key/cms1/cms_redirect/yes/mh/qT/mip/188.154.92.63/mm/42/mn/sn-1gi7znek/ms/onc/mt/1699167155/mv/m/mvi/4/pl/15/file/file.mp4

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

HTTP/1.1

Server

74.125.108.201 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 05 Nov 2023 06:58:33 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4890667
Last-Modified: Mon, 16 Oct 2023 15:59:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 05 Nov 2023 06:58:33 GMT

Redirect headers

date: Sun, 05 Nov 2023 06:58:32 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-1gi7znek.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/5673F78E9F54FDBAAA68897A4D8FA2D7FB93A8C7.08E34E56476E45952281D4F62D92AA19E14B8869/key/cms1/cms_redirect/yes/mh/qT/mip/188.154.92.63/mm/42/mn/sn-1gi7znek/ms/onc/mt/1699167155/mv/m/mvi/4/pl/15/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 8F79 453 B
587 B 68ms
67ms Image
image/png 142.250.185.74
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-6030198728032815

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f10.1e100.net

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Sun, 05 Nov 2023 07:48:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F79 0
55 B 564ms
291ms Ping
image/gif 142.251.161.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lol4grge&c=2202635235609&slotId=1101317617804.5&qqid=CNGklJ-krIIDFYS7dwodecoMEw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.17e~atrd.17o~videopreviewvisible.17u&ua_e=1&ape=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.161.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ig-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 4099 4 KB
769 B 76ms
75ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 06:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 05:50:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 06:58:32 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4099 205 B
493 B 47ms
47ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 02:28:25 GMT
x-content-type-options: nosniff
age: 189007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Nov 2024 02:28:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4099 604 B
696 B 72ms
72ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 13:30:38 GMT
x-content-type-options: nosniff
age: 235674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Nov 2024 13:30:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 4099 16 KB
7 KB 50ms
49ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 00:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24650
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6828
x-xss-protection: 0
server: cafe
etag: 11986448221276412250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 00:07:42 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 4099 21 KB
9 KB 69ms
68ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8796
x-xss-protection: 0
server: cafe
etag: 1225823381704108053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:56:31 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame F555 23 KB
8 KB 62ms
55ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 327203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 12:05:09 GMT
expires: Thu, 31 Oct 2024 12:05:09 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 3C77 12 KB
996 B 55ms
55ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%2C500%2C900

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

866b86cab8d59721bb46b53c7da7548234e99c63d02fc69cce11622f482411dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 06:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 06:58:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 06:58:32 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 3C77 2 KB
884 B 63ms
62ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 3C77 23 KB
9 KB 60ms
60ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 03:09:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 3C77 3 KB
1 KB 75ms
75ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:36:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 3C77 20 KB
8 KB 56ms
56ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C77 189 KB
60 KB 529ms
75ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 06:58:32 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 3C77 36 KB
15 KB 54ms
54ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 19:58:49 GMT

GET
H2 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame F555 38 KB
15 KB 46ms
46ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:53:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Nov 2024 19:53:23 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F555 0
57 B 100ms
99ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B1vLgGD1HZb-yDai0mLAP0fyQ6AQAAAAAOAHgBAI&bg=!hYalhsnNAAb4oU7C2KE7ADQBe5WfOPIoTp4DRKy-BkdHBJcr3QuxkvYp0TD8AjRu_xprkjNjX2HvK4yB2b72l-2fQql8AgAAAKhSAAAAEGgBBwoAF3nfwGyWt94i8xf6ZAf1qyIgJ2WwmF5QmQLUKuCdI5lOq4ClNF3aCCv0AyL44ff2amXxzKgQ1Z8X4g2UrK4vtXEDj8R7zLPg7CNEqZ5Uq5bsB9jf0WYDaTK6CMlaq68_g0lESysYUOIRDi4ySxLOuaiwGC19wmV9jI3tFNuR9UC-Hlbwa3r9HxfVbQEEWXIBiC4JiA2vcR99iFb_iU2fCYKmJI5DjrUh5RaGDWl_ooHmt0rpFuM6-7LynMZlc9uUUjbUYvHB-pU1onLQl7f0aEikKYVUXNwiwvbuAgXld3iRWceb6eu-kysMNivLVx9bi9ImeyPEGMRqmj-NsCJKnqXw-TyLWPXPxU3ozqztqGyYk1rZKy0_egGIBHSxQ2d5COfp7TIjOwS-iNl0VBnV0MEJQYb2MB2Wb-cZz8vZPQ7s0cnFAAGQ1v_dbwT9gUJkT7zbdiZvYgD3l1RgnyQYGmTLqSTkeaztaPanHEQ-ZUoEzFaOWZN0YSwJdwl_U6P_cVr3xvU-r2gAKZpECesJFt--ggogj7HIXuIQ689Cbzsz7d5uNsuGkcsGqgYOEpQNYjL-O4LdLGw3y6PxwB_8WIpyTb2WZcmsvcrMEZK4k9Yb55is95a3Jb7mQao0-rojSGXXJ02FMLMx7HEBDdxe5kqr0PxzhuVa5xCSCVQZKrIeCjJZb--Qs9_57psyb38v4TlL9T0xgvRGbSy_L10Qb-wVbn15Ed2wxsL9Kfv4cjLrwzgmgP9te7ZTm8mbJU-ip5chBkvMdS7FctJ3CoD96k2N81WDjd3N2HcUf29uQTvrgPKg5rDXoAwyoJ2dH6cKwuyemxnHaa5mqaQFO-3PN0i96g3SKYqVl5W5G-Q2NKKKOYG09mIx4ca6IYfWgbs5hSxbch0NLMeujrouqlHUgMDfGUfAVwqDe6aSlQO3T6aeuOF_1vXRvnE_2zEUW5ctekM9RS0mnOvmkhPIxs0YD2lClUpj23MmwVq-jjz26Q

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 50DF 14 KB
1 KB 59ms
58ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=1498063870&pi=t.aa~a.864218115~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540&nras=2&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Cp6aNl6Ksx&p=https%3A//www.elzse.com&dtd=260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 06:58:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 05:27:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 06:58:32 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 50DF 225 B
355 B 47ms
46ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 12:26:03 GMT
x-content-type-options: nosniff
server: cafe
age: 66749
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Sun, 05 Nov 2023 12:26:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 50DF 2 KB
859 B 51ms
50ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 50DF 23 KB
9 KB 52ms
52ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 03:09:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 50DF 3 KB
1 KB 55ms
54ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:36:30 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A0F 1 KB
758 B 52ms
47ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 16586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Mon, 06 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 50DF 20 KB
8 KB 54ms
52ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 50DF 0
0 56ms
55ms Image
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSQsi9WGmkYoICND_FksEASHbVa3RLZjKU-2Z_QVxkGUw3D84fR1lsbuumvLhoBi4n6ztZAsdccAqeTXumBfq03P2wog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=1498063870&pi=t.aa~a.864218115~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540&nras=2&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Cp6aNl6Ksx&p=https%3A//www.elzse.com&dtd=260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50DF 189 KB
59 KB 70ms
69ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 06:58:33 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 50DF 36 KB
15 KB 44ms
43ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 19:58:49 GMT

GET
H2 200 14953593165695678381
tpc.googlesyndication.com/simgad/ Frame 50DF 955 B
1 KB 62ms
58ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14953593165695678381?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

cdab8b90273fae15c79d462b4cc359570a587b64ef17e06dae8fdee202e4a5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:42:31 GMT
x-content-type-options: nosniff
age: 152162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 955
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:52:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Nov 2024 12:42:31 GMT

GET
DATA 200
OK truncated
/ Frame 50DF 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 50DF 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 50DF 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 50DF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 576def41e81f6f99f7f7fb8746bae2cbc39ddca5934c2c34f64f3b9482e22884

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5A0F 35 B
465 B 654ms
193ms Image
image/gif 91.228.74.159

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAHXByvTTpw56lP6wV3iNGw&google_cver=1&google_push=AXcoOmTScahbZFJk0gbqA6tRe1_ls2Aji2EsLO-KMg4S-4QveOuR9evG8k43y0CQYJ6BpScskknIzZkgw-Fl8uizqscfNkySQ3ov2A

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.159 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 5A0F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBLwZt6FSp26QjZywEE9vnA&google_cver=1&google_push=AXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CG...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLwZt6FSp26QjZywEE9vnA&google_cver=1&google_push=AXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75...

43 B
438 B

322ms
310ms

Image
image/gif

104.18.25.173

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLwZt6FSp26QjZywEE9vnA&google_cver=1&google_push=AXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CGNI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CGNI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: www.elzse.com
URL: https://www.elzse.com/user/login
Protocol: H2
Server: 104.18.25.173 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 821335835ade2397-ZRH
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 337
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBLwZt6FSp26QjZywEE9vnA&google_cver=1&google_push=AXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CGNI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRapMcYwFcGKtwjK3TJmpdbsmwiGHrFfwYFJE6nbnyB1hSpzfi7wLGrVP2Bij9F-EgLvBePf_7wYHvktpLRRBDAfql7E75CGNI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 821335818fde2397-ZRH
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 5A0F 70 B
150 B 264ms
81ms Image
image/gif 3.33.220.150

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKeHTITskp5oehlMvbd-5lw&google_cver=1&google_push=AXcoOmSgr8Da1aC7dliR3MV0TosIngcj13r4leLEyj7A4AhRBNCxvhRbcHRymp_PaglTdTNKjF4ogd7YUqu1cLIbt2ZJM12_PeJYYIM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=1498063870&pi=t.aa~a.864218115~rp.4&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540&nras=2&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=1991&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Cp6aNl6Ksx&p=https%3A//www.elzse.com&dtd=260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:33 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENzl-ioNbt7seA8GgOkoUII&google_cver=1&google_push=AXcoOmR7LiouTaeC65ScfwwE4GY2Ldo35WNUxsrKPq3On0ALItzu_IDJ7IxVRfBglhrBvny93qVE0h98h8i8ETDI...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ezgEdrzCQzUd35QIg-O5Gw&google_push=AXcoOmR7LiouTaeC65ScfwwE4GY2Ldo35WNUxsrKPq3On0ALItzu_IDJ7IxVRfBglhrBvny93qVE0h98h8i8ETDIiX7F5ykSroX-vs8

170 B
330 B

66ms
63ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ezgEdrzCQzUd35QIg-O5Gw&google_push=AXcoOmR7LiouTaeC65ScfwwE4GY2Ldo35WNUxsrKPq3On0ALItzu_IDJ7IxVRfBglhrBvny93qVE0h98h8i8ETDIiX7F5ykSroX-vs8

Requested by

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 05 Nov 2023 06:58:33 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ezgEdrzCQzUd35QIg-O5Gw&google_push=AXcoOmR7LiouTaeC65ScfwwE4GY2Ldo35WNUxsrKPq3On0ALItzu_IDJ7IxVRfBglhrBvny93qVE0h98h8i8ETDIiX7F5ykSroX-vs8
x-host: tde-deliveryengine-production-bb588bf9-bhmr8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET

pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEDdbKT51E2XwFp1G0S5xJiY&google_cver=1&google_push=AXcoOmTFfzGZepvMekWy3uCeUdeJE9wGNKAk3XeS_MA_EnE3UwvQE3Rp8OavTnE0T1yjC7t0Kh6dTUSCMCArOmETCJYdQwI3yWlQWg
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dWxZbWRJWkFCcENnblVkTEdqMUhaUQ%3D%3D&google_push=AXcoOmTFfzGZepvMekWy3uCeUdeJE9wGNKAk3XeS_MA_EnE3UwvQE3Rp8OavTnE0T1yjC7t0Kh6dTUSCMCArO...

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBSrjNocBR4VWgcoPsbZL8E&google_cver=1&google_push=AXcoOmQM0yPey5BjmxFeMRr40qCFK0Uj_CVSFSuWnxZeaP489QNLU3yf3YMrtVJek7IvjkIAYcHDLyVplYr-7YnDL31hOFw...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBSrjNocBR4VWgcoPsbZL8E&google_cver=1&google_push=AXcoOmQM0yPey5BjmxFeMRr40qCFK0Uj_CVSFSuWnxZeaP489QNLU3yf3YMrtVJek7IvjkIAYcHDLyVplYr-7YnDL31hO...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQM0yPey5BjmxFeMRr40qCFK0Uj_CVSFSuWnxZeaP489QNLU3yf3YMrtVJek7IvjkIAYcHDLyVplYr-7YnDL31hOFw19cB2VIg

170 B
233 B

120ms
119ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQM0yPey5BjmxFeMRr40qCFK0Uj_CVSFSuWnxZeaP489QNLU3yf3YMrtVJek7IvjkIAYcHDLyVplYr-7YnDL31hOFw19cB2VIg

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQM0yPey5BjmxFeMRr40qCFK0Uj_CVSFSuWnxZeaP489QNLU3yf3YMrtVJek7IvjkIAYcHDLyVplYr-7YnDL31hOFw19cB2VIg
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5A0F
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEOxW0S5LXwLxwI53o3Cazm0&google_cver=1&google_push=AXcoOmSUH7r52dEx6RXZn3VvW1_2-6LEOFmTldEfUL13a79J44xUrLbvPkaGBTrwcMVceoInkSNHvoGg145DzOeiWp9Vqsflq...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSUH7r52dEx6RXZn3VvW1_2-6LEOFmTldEfUL13a79J44xUrLbvPkaGBTrwcMVceoInkSNHvoGg145DzOeiWp9Vqsflquxv2cV6&google_hm=f34e969957...

170 B
233 B

89ms
89ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSUH7r52dEx6RXZn3VvW1_2-6LEOFmTldEfUL13a79J44xUrLbvPkaGBTrwcMVceoInkSNHvoGg145DzOeiWp9Vqsflquxv2cV6&google_hm=f34e969957849b8e1zlcf600lol4gsqz

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmSUH7r52dEx6RXZn3VvW1_2-6LEOFmTldEfUL13a79J44xUrLbvPkaGBTrwcMVceoInkSNHvoGg145DzOeiWp9Vqsflquxv2cV6&google_hm=f34e969957849b8e1zlcf600lol4gsqz
date: Sun, 05 Nov 2023 06:58:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A0F 0
131 B 229ms
54ms Image
text/html 142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwqsrWyMU-0CdKhqfj2i7daQpiud1IZqgKbrFS0GQojQbC4QzLaDULybjCZeZwJ-vaMAuPOg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
518 B 65ms
65ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.32341187566049734

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-HIclMfYMLM-tRsTIlcNcjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-HIclMfYMLM-tRsTIlcNcjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
254 B 75ms
75ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=6.2485288090461335

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-33UkTJvn5EElu97301S0vA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-33UkTJvn5EElu97301S0vA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F79 0
55 B 209ms
208ms Ping
image/gif 142.251.161.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~lol4grgz&c=2202635235609&slotId=1101317617804.5&qqid=CNGklJ-krIIDFYS7dwodecoMEw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&ple=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.161.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ig-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js Show response
pagead2.googlesyndication.com/bg/ Frame D473 50 KB
19 KB 48ms
48ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Nov 2024 16:08:41 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 50DF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJV3IGD1HZYK8DNyNjuwPuIOJgAOz3p73c73auOPwEWQQASD___8PYPWFgIDYBKAB0_z21QPIAQmpAircdGgTAbI-qAMByAPLBKoE2gFP0OI4oizPwVhwX36O19Ly8kJMW1eDYKZHZY4F7NF...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe9ef95c10203c650000000000000000%22,%222%22:%220x9b42ff9a5ac60aa10000000000000000%22,%223%22:%220x6d25a5...

0
0

640ms
301ms

Fetch
text/css

142.250.184.226

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe9ef95c10203c650000000000000000%22,%222%22:%220x9b42ff9a5ac60aa10000000000000000%22,%223%22:%220x6d25a5961c68bb1e0000000000000000%22,%224%22:%220xc4dc7d1fd379fc4f0000000000000000%22,%225%22:%220xf6c1e237c06a88a50000000000000000%22},%22debug_key%22:%221329365587516835296%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2211-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215620982872679894401%22}&andc=true

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Server

142.250.184.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xfe9ef95c10203c650000000000000000","2":"0x9b42ff9a5ac60aa10000000000000000","3":"0x6d25a5961c68bb1e0000000000000000","4":"0xc4dc7d1fd379fc4f0000000000000000","5":"0xf6c1e237c06a88a50000000000000000"},"debug_key":"1329365587516835296","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985513555"],"4":["11-05"],"6":["true"]},"priority":"500","source_event_id":"15620982872679894401"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Nov 2023 06:58:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Nov 2023 06:58:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xfe9ef95c10203c650000000000000000","2":"0x9b42ff9a5ac60aa10000000000000000","3":"0x6d25a5961c68bb1e0000000000000000","4":"0xc4dc7d1fd379fc4f0000000000000000","5":"0xf6c1e237c06a88a50000000000000000"},"debug_key":"1329365587516835296","debug_reporting":true,"destination":"https://nike.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985513555"],"4":["11-05"],"6":["true"]},"priority":"500","source_event_id":"15620982872679894401"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 50DF 33 KB
33 KB 45ms
45ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 424155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Oct 2024 09:09:18 GMT

GET
H/1.1 206
Partial Content file.mp4
r4---sn-1gi7znek.c.2mdn.net/videoplayback/id/109b3121d9b36459/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3841920038/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 8F79 3 MB
0 171ms
106ms Media
video/mp4 74.125.108.201

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.108.201 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 05 Nov 2023 06:58:33 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-4890666/4890667
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4890667
Last-Modified: Mon, 16 Oct 2023 15:59:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Sun, 05 Nov 2023 06:58:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4D47 14 KB
1 KB 152ms
152ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 06:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 05:53:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 06:58:33 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 4D47 225 B
290 B 153ms
152ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 12:26:03 GMT
x-content-type-options: nosniff
server: cafe
age: 66750
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Sun, 05 Nov 2023 12:26:03 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 4D47 2 KB
867 B 190ms
189ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame 4D47 23 KB
9 KB 189ms
188ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13750
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 03:09:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 4D47 3 KB
1 KB 404ms
403ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 12:36:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66124
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 12:36:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 4D47 20 KB
8 KB 215ms
214ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41913
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4D47 0
0 116ms
115ms Image
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTbVW7W6RTIOt0KahOk40PdhhlxhNeFBztGmYzXCXSrcOuRuWtd-9uFgeFRJloOY94KneyjUfAbeX7cgQ_9sxle5InCgQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D47 189 KB
59 KB 127ms
126ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 06:58:33 GMT

GET
H2 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame 4D47 36 KB
15 KB 105ms
104ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 19:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 19:58:49 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 593ms
120ms Preflight
text/html 142.250.184.226

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 05 Nov 2023 06:58:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 AGSKWxWwwnEBLy5J-8OkPkm88yhzOiyerp1n6j0HORC-ikjLyqt0JyJkqOzWQi5CE-H_MzS_dmywrQ6NIoxGAohdk_9qcB9lQtkOrtRMOMfiYyE_9H1bplRrMc7mjSCb_aQw9uPTlHz0EQ== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 672ms
152ms XHR
text/html 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwwnEBLy5J-8OkPkm88yhzOiyerp1n6j0HORC-ikjLyqt0JyJkqOzWQi5CE-H_MzS_dmywrQ6NIoxGAohdk_9qcB9lQtkOrtRMOMfiYyE_9H1bplRrMc7mjSCb_aQw9uPTlHz0EQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gI1OklupkcnrfRpp9G5sjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 06:58:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gI1OklupkcnrfRpp9G5sjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.elzse.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1D05 50 KB
19 KB 88ms
87ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FFNUmrzDb0wyZoqaU_2XY2v0E6tlTK1G4ia4dmaQIsI.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 16:08:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Nov 2024 16:08:41 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2297 1 KB
682 B 435ms
432ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 16587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Mon, 06 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14953593165695678381
tpc.googlesyndication.com/simgad/ Frame 4D47 955 B
1 KB 417ms
416ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14953593165695678381?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

cdab8b90273fae15c79d462b4cc359570a587b64ef17e06dae8fdee202e4a5b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:42:31 GMT
x-content-type-options: nosniff
age: 152163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 955
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 12:52:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Nov 2024 12:42:31 GMT

GET
DATA 200
OK truncated
/ Frame 4D47 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4D47 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4D47 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dc_oe=ChMIv57rn6SsggMVKBoGAB1RPgRNEAAYACDms7VgQhMI0aSUn6SsggMVhLt3Ch15ygwT;met=1;acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ Frame 8F79 42 B
402 B 341ms
168ms Image
image/gif 216.58.206.34

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv57rn6SsggMVKBoGAB1RPgRNEAAYACDms7VgQhMI0aSUn6SsggMVhLt3Ch15ygwT;met=1;acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D17066%26vmtime%3D259%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D846318613%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699167514675;dc_rfl=%5BURL_SIGNALS%5D;ecn1=1;etm1=0;eid1=11;

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8F79 42 B
175 B 104ms
99ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWHe2Fj1HZdHBMIT33gP5lLOYAcyhqKNy19n94vwRwZG87fQvEAEg____D2D1hYCA2ASgAan_5cYByAEFqAMByAObBKoE9QFP0DMnL-DRcPZm0PPxywCXFPh9S_Ikhkt36QgG_TbVJM5jjYk6pcKKhs6WNhYBexON2uO4cOm2zALsKOfMNzmdDUPPAnnsZfh_F2XyPCVOEkXPuIax4Rte2i4E_Cb8G9rGWDcbIq94EVhOnt7W5Hl-ewvZMuhmZe6R5G4RKHvSjnS4CwpEjU9SFc9CzwrG1VWbbhlylWdbADIPtWFMDuyKODdhevmHGPDUYfEGKsw1ZdB63ABYJIuGvxTPwzCG-lgcQNfbXCme7VgD9fuNZ0U9ikvi82uoB83_6TO6yw77_43PogPMIytsE0ZTqP77PbX5gE1bqcAE6Y_y7aAE4AQDiAXHs4exSJAGAaAGToAHv4CauQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATp8X2FNgTDYgUAtgUAdAVAfgWAYAXAQ&sigh=jrP7XlcnzI0&label=part2viewed&ad_mt=260&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D17066%26vmtime%3D259%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D846318613%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699167514675

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030198728032815&output=html&h=540&slotname=1354993823&adk=3172513012&adf=2868669181&pi=t.ma~as.1354993823&w=1080&cr_col=4&cr_row=2&fwrn=2&lmt=1699167510&rafmt=9&format=1080x540&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167510025&bpp=10&bdt=1679&idt=729&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=RYoa80RRkE&p=https%3A//www.elzse.com&dtd=734
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8F79 0
558 B 340ms
171ms Image
image/gif 142.250.185.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEac5yUsDWQWi9zglV9Vd4waQS03MGE5xsen27RoqxaODmvow4TJv0a4EYD3wZMVRlGOqnAmYd8kCbaPpkLhz_cUv2E6yPBSSv3_pxnLXO1SmSPrgYMJg_mrxRnwHZzUYUbh0VLDj10MnxK_ZJm-IgUVnldDyex1Hj1T8lQ2nF8vlvMrIaPhk7dv2myFb4_DZo9WBzsDawGIS1SDr-1QFOgstLG5OHitbnkMzJyYdfQFg3sMxqnxDlx98ejK2iyBAzZHTx5-u8_pyHygEFu5u6HZj75PDiApd3NFy3BrHtTwKXwBaJmgtYWGyZ-2xy0RORb6bcDlTFzLMYbZepIEyfkIecDeuiyNlxBFiQCLXTQ6o8cN7VBvQV0RPD2-xBlAIiBxCCljBZrDgRorQpXXdQif1dbaBoOuBlo1aqlcqeFubWmfcYFVOHybUYlfiinkWxOrRZO8Ru0LPV8CjEV6Mokyrdo2YtFLSqcltXxrrsdiHDoYTQboWLsHlPU9zSBJPIulunpbVtZz7n3qkmvpG-7Mhl-kCnyLQ_afsUy9xDE5cE1exqO27pqWC0rF7-MrRaXUxE367g01BdapuE-eTpJ7x5GwS8m759e5smqRgEtHNvg9R0QrtrDJdkYTIdksZ_dyPrKm-mCSp4sA-mIrc9S6FKM6HDTe2isFnUSHfbKpju06dYBUoGz6MQ-eb20MjVZWZ_hogWkeJsCD8uSZeaECfTiTZizLIFC76elkyQioRLLCc-ZOY2KruvcMT3Nn0jnY82naQcojYpaurgxE09Vd3GJIBAnIxsOM-_7k1ynEWQrlox_WfRZ7mLuQIFf3APTJvdwbvqdVN2YIA4dIQJz7trp-7GYiPhNoT9EIKS-A6HNZrvhEsCM2C16wfAPLoXApO5H9obKvF1-zJe1qwON8Z3OIA0IJPe6KyELQxUhU3-IIFhhUFFbg6ZNN4KPFi0bt1t0igoI1u96oU2Z2waXVNKjfNK_HNI-MTms25EtIv6coFTxBlLV-U_MTYU3HmsQQ7hDAbYHbHfpo_gefoaK5036QJb4j1Tv0ETbGLYAsTpXQnGL2i47tasuP9lbeubhcy-OLM4XPWIwbvhW74zgcsGYMpawmaEFiKX6wquN2-ax-qu1Pc2iVIie__FRT-AmvH3Lo2a0xcBKCVBGJuKsB3Bxwg6giA3pGWEPsOz8j5g7n5Al7A3UTi1Z0oFEkZrgcFyXS3IgivP5nI8LGdnrQrMwDMg_fGrh76y-P-N6r7RGhWf9Fohws7QxP2FS5nQda34vNFnsD9DFfR8omWNHpSyPDz0ytmUn5_M649vcfLOaPJtmZOzjA&sai=AMfl-YT9yXIaKrNSZbiWQR7NVwHAgYOV9GV5UL_fcqWrbv0BdJBib_Y-zM1O1natDwezThzQD1OJnsQYp8y3pbjr0xDQKJAqd1VM1-afReG9VEGS2GTHoiZ1H8p5j7biADlaedIDmDiePt4nyKv8Gk9P6Np4Z79Q4vfjzw-JguMrDjh4lb_mL7R8d3B4B-AwEKL1JS-KCnPqqqFdkWRAeokNzEPIWx135VaqJ68vIU1n2b2aTqwekwR5FEVvNYEeclcdFkS9fFSaIBF3Qf9QlFcCtSuY1yL9ueCNAvnqo5HMJU4Gb-6UrpyEJ0OwO4NXDXo&sig=Cg0ArKJSzH5Jfmez5qpwEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 05 Nov 2023 06:58:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8F79
Redirect Chain

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInSVRCtpL-5AhiRr_f6ASABMAE&v=APEucNV2xh82NG2OA2KxdZsZDM4jJHqk3Fpd3fQggSforHxN0ZLGC_ssla8kE2cX1fIhpzEY7OUnSUlMuNrO_heCkfj669IqrwHuNq-wbfGdxXmWXFoMGG8
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

170 B
188 B

159ms
158ms

Image
image/png

142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 05 Nov 2023 06:58:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F79 0
57 B 95ms
93ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8F79 42 B
114 B 149ms
148ms Image
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKV--w5pDL2E0vkLuF-amTmITvi3c5vy1o6eHq8aXnZVBmoGaA-az7wHy2P7YlyJ9mBKNbu9uadnckSNtiQogzkd3zCz0PXQ8U9FLWSjoq4g-hg5tnX3Aqr6RE8ZJCWIC-XapiPzgLVg&sai=AMfl-YQiRzBakjFJ2XdHKHsrvpNTclxUc-7viZR9DkAjx7jslnT42WL2e_G3HPITxKAnXsQ4N2CXM6lyUZwFWVarSMngeaxCkyVHDRxvlkdKQJvq4GFWSl5bLMGYuURNNc3bO9dXOjMdPEmqK875Qw&sig=Cg0ArKJSzGRyptI0jL2qEAE&cid=CAQSTADICaaNhTAUn3ErRKgNqfDOkQRQLisXxESc6ZJV6qMkQ8Waf8X5qFk8A2Ngbns29pWlCd9gkC03a5JnMxXwSToeRhFrtlIvVxRul3QYAQ&id=lidarv&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D17066%26vmtime%3D259%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D846318613%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1699167514675&avm=1

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 8F79 42 B
109 B 150ms
149ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CWHe2Fj1HZdHBMIT33gP5lLOYAcyhqKNy19n94vwRwZG87fQvEAEg____D2D1hYCA2ASgAan_5cYByAEFqAMByAObBKoE9QFP0DMnL-DRcPZm0PPxywCXFPh9S_Ikhkt36QgG_TbVJM5jjYk6pcKKhs6WNhYBexON2uO4cOm2zALsKOfMNzmdDUPPAnnsZfh_F2XyPCVOEkXPuIax4Rte2i4E_Cb8G9rGWDcbIq94EVhOnt7W5Hl-ewvZMuhmZe6R5G4RKHvSjnS4CwpEjU9SFc9CzwrG1VWbbhlylWdbADIPtWFMDuyKODdhevmHGPDUYfEGKsw1ZdB63ABYJIuGvxTPwzCG-lgcQNfbXCme7VgD9fuNZ0U9ikvi82uoB83_6TO6yw77_43PogPMIytsE0ZTqP77PbX5gE1bqcAE6Y_y7aAE4AQDiAXHs4exSJAGAaAGToAHv4CauQKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIBhEAEYHzICigI6AoBASL39wTqACgGYCwHICwGADAGiDAwqCgoI5LSxAu61sQKqDQJDSLATp8X2FNgTDYgUAtgUAdAVAfgWAYAXAQ&sigh=jrP7XlcnzI0&label=vast_creativeview&ad_mt=260&acvw=sv%3D958%26v%3D20231030%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D17066%26vmtime%3D259%26is%3D33554450%26i0%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%3D200104%26avms%3Dnio%26qi%3D846318613%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,200104c,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1699167514675

Requested by

Host: www.elzse.com
URL: https://www.elzse.com/user/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6030198728032815&output=html&h=540&slotname=1354993823&adk=3172513012&adf=2868669181&pi=t.ma~as.1354993823&w=1080&cr_col=4&cr_row=2&fwrn=2&lmt=1699167510&rafmt=9&format=1080x540&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167510025&bpp=10&bdt=1679&idt=729&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&xpc=RYoa80RRkE&p=https%3A//www.elzse.com&dtd=734
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8F79 0
55 B 217ms
216ms Ping
image/gif 142.251.161.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~lol4gsdn&c=2202635235609&slotId=1101317617804.5&qqid=CNGklJ-krIIDFYS7dwodecoMEw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&dm=17000&umsem=0&event_name=first_play&asset_bytes=198856&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.30q~ff.31k~videopreviewstarted.31m
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231030_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.161.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ig-in-f94.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 06:58:34 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 4D47 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01af9617c7e061218a22bc7aaaa50ecabdac88fac1575d6aafd71e7fe8b56de2

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET

/
www.googleadservices.com/pagead/ar-adview/ Frame 4D47
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch1m9GD1HZZP_DOaPjuwPxdi1SLPenvdzvdq44_ARZBABIP___w9g9YWAgNgEoAHT_PbVA8gBCakCKtx0aBMBsj6oAwHIA8sEqgTaAU_QjvJfh3DqvJ0KcM4b2-EXBUwIqZedDXCIud7uWkV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe9ef95c10203c650000000000000000%22,%222%22:%220x9b42ff9a5ac60aa10000000000000000%22,%223%22:%220x6d25a5...

0
0

GET gp_match
um.simpli.fi/ Frame 2297 0
0

GET

pixel
cm.g.doubleclick.net/ Frame 2297
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESENzl-ioNbt7seA8GgOkoUII&google_cver=1&google_push=AXcoOmTo3qeFOZa7BVBA5DORI4PNIZLwRvAELlsdjviXO3DCdsOaB4cOgveV74fhMbCkmS8Fu9bcKYAax_A56ruT...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ezgEdrzCQzUd35QIg-O5Gw&google_push=AXcoOmTo3qeFOZa7BVBA5DORI4PNIZLwRvAELlsdjviXO3DCdsOaB4cOgveV74fhMbCkmS8Fu9bcKYAax_A56ruTcMaMlpR6FRinLrM

0
0

GET gcm
a.c.appier.net/ Frame 2297 0
0

GET /
s.uuidksinc.net/match/47/ Frame 2297 0
0

GET /
c1.adform.net/serving/cookie/match/ Frame 2297 0
0

GET CAESEFEKkAOQ_Q5mcYlVN4pmmIU
an.yandex.ru/mapuid/google/ Frame 2297 0
0

GET um
sync.teads.tv/ Frame 2297 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2297 0
12 B 81ms
81ms Image
text/html 142.250.186.130

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ItKxvQt0Bg3eIVlDm12bTrD2xMWcNHf79g9cWVDvOoa2MxrbiqDZEFxLrCo1tNTKK58APLcCk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-6030198728032815&output=html&h=90&adk=2205936063&adf=4012628939&pi=t.aa~a.864195334~rp.1&w=1080&fwrn=4&fwrnh=100&lmt=1699167512&rafmt=1&to=qs&pwprc=3711107284&format=1080x90&url=https%3A%2F%2Fwww.elzse.com%2Fuser%2Flogin&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699167511896&bpp=1&bdt=3550&idt=-M&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9724366e2abf2422%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw&gpic=UID%3D00000cb5170b9074%3AT%3D1699167510%3ART%3D1699167510%3AS%3DALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w&prev_fmts=0x0%2C1080x540%2C1080x90&nras=3&correlator=4955364212498&frm=20&pv=1&ga_vid=221707544.1699167511&ga_sid=1699167511&ga_hid=802583759&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2454&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079297%2C44807048%2C44807334%2C44807454%2C31078301%2C31079382%2C21065725&oid=2&psts=AOrYGsk-VbDwpso3X0oV7Rt4tc-R4nowTUwr7c9I8MeQzgOASul0e84N_m6z6FVJbiERXjRiGiSTo8pJTrHEfrUIo8o9Oe8&pvsid=3639219329833334&tmod=586441640&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1OFyXTzTzi&p=https%3A//www.elzse.com&dtd=275

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 4D47 28 KB
0 75ms
75ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 424156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Oct 2024 09:09:18 GMT

GET
H2 200 adsi-j. Show response
fundingchoicesmessages.google.com/f/AGSKWxWw5Nt5UCEJxtPbZJR9N8yyXx2csSkNJ1kbOnc6A0uG0l80WEKC7dhmdIcN7KS0zrUAwQMDXLJnCoPH4pEv_Qk7YOPhbPnjNpc2JVHpuhbHdmQ9hrC4mkQPQvsofkFKhCucLvDjVVmQciYsX4fCQyNkSvFnI... 54 B
299 B 103ms
102ms Script
application/javascript 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWw5Nt5UCEJxtPbZJR9N8yyXx2csSkNJ1kbOnc6A0uG0l80WEKC7dhmdIcN7KS0zrUAwQMDXLJnCoPH4pEv_Qk7YOPhbPnjNpc2JVHpuhbHdmQ9hrC4mkQPQvsofkFKhCucLvDjVVmQciYsX4fCQyNkSvFnIgpbWJiKGhQZPke-Yoq5SknODFdQs6pf/_/aff.htm/top-ad._468x60ad./dspads./adsi-j.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.G8fuyyHgmYA.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxJ9jX15Bic0GcSFoeZTi8H8FnpJg/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

d9574d7eda8d5656d84e74b9d42ddea6fbf1ed1a0ac6610ff586dd91d735af8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sxV1V-yTv6JQAaLeRU8_Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:58:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-sxV1V-yTv6JQAaLeRU8_Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lidar.js
pagead2.googlesyndication.com/pagead/js/ 7 KB
0 101ms
100ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.elzse.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 06:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2988
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31123
x-xss-protection: 0
server: cafe
etag: 10911908197831445157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 07:08:46 GMT

POST
H2 204 AGSKWxWwwnEBLy5J-8OkPkm88yhzOiyerp1n6j0HORC-ikjLyqt0JyJkqOzWQi5CE-H_MzS_dmywrQ6NIoxGAohdk_9qcB9lQtkOrtRMOMfiYyE_9H1bplRrMc7mjSCb_aQw9uPTlHz0EQ== Show response
fundingchoicesmessages.google.com/el/ 0
201 B 86ms
85ms XHR
text/html 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWwwnEBLy5J-8OkPkm88yhzOiyerp1n6j0HORC-ikjLyqt0JyJkqOzWQi5CE-H_MzS_dmywrQ6NIoxGAohdk_9qcB9lQtkOrtRMOMfiYyE_9H1bplRrMc7mjSCb_aQw9uPTlHz0EQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eAI5RTKSJdynw7pWX2etPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.elzse.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 05 Nov 2023 06:58:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eAI5RTKSJdynw7pWX2etPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.elzse.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 123ms
122ms Preflight
text/html 142.250.184.226

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe9ef95c10203c650000000000000000%22,%222%22:%220x9b42ff9a5ac60aa10000000000000000%22,%223%22:%220x6d25a5961c68bb1e0000000000000000%22,%224%22:%220xc4dc7d1fd379fc4f0000000000000000%22,%225%22:%220xf6c1e237c06a88a50000000000000000%22},%22debug_key%22:%2218169845887687877023%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2211-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226260961812626729633%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 05 Nov 2023 06:58:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST AGSKWxWwwnEBLy5J-8OkPkm88yhzOiyerp1n6j0HORC-ikjLyqt0JyJkqOzWQi5CE-H_MzS_dmywrQ6NIoxGAohdk_9qcB9lQtkOrtRMOMfiYyE_9H1bplRrMc7mjSCb_aQw9uPTlHz0EQ==
fundingchoicesmessages.google.com/el/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dWxZbWRJWkFCcENnblVkTEdqMUhaUQ%3D%3D&google_push=AXcoOmTFfzGZepvMekWy3uCeUdeJE9wGNKAk3XeS_MA_EnE3UwvQE3Rp8OavTnE0T1yjC7t0Kh6dTUSCMCArOmETCJYdQwI3yWlQWg

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xfe9ef95c10203c650000000000000000%22,%222%22:%220x9b42ff9a5ac60aa10000000000000000%22,%223%22:%220x6d25a5961c68bb1e0000000000000000%22,%224%22:%220xc4dc7d1fd379fc4f0000000000000000%22,%225%22:%220xf6c1e237c06a88a50000000000000000%22},%22debug_key%22:%2218169845887687877023%22,%22debug_reporting%22:true,%22destination%22:%22https://nike.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985513555%22],%224%22:[%2211-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226260961812626729633%22}&andc=true

Domain: um.simpli.fi
URL: https://um.simpli.fi/gp_match?google_gid=CAESEECwso5rpYWAPOikg6C-UOk&google_cver=1&google_push=AXcoOmQDp2UN7CAlnVBieJVpH1h6VcuEvIb82ZtQXhmDCD3Y0HLW9gnVa8cCSLOQ1fZzWF8h064hKhGtjAS2fssyjnvY0qy0v1DaNQ

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=ezgEdrzCQzUd35QIg-O5Gw&google_push=AXcoOmTo3qeFOZa7BVBA5DORI4PNIZLwRvAELlsdjviXO3DCdsOaB4cOgveV74fhMbCkmS8Fu9bcKYAax_A56ruTcMaMlpR6FRinLrM

Domain: a.c.appier.net
URL: https://a.c.appier.net/gcm?google_gid=CAESEDdbKT51E2XwFp1G0S5xJiY&google_cver=1&google_push=AXcoOmS9DDL-Jd7gcZ18g4xbqaN5pNHabihjz9WF7wjTu86HepDleNEAkkPre317iWRwkNaZh2-qHTZxxe-Wmpg1oPUS9C5bxcYtyQ4

Domain: s.uuidksinc.net
URL: https://s.uuidksinc.net/match/47/?remote_uid=CAESEI5SgWVTec2r0utfrpageqU&c_param1=AXcoOmS0ZzBEXDbUVaECrAoVCTI_citHV8b8ULo7W-Rkl6tloSzKmv7nsyigdav7DEJd6HArlynbXrj4YIq-vvo6Xgx4yAlIC9qcbe8&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDMdCf26hmRxBK-rVXF7aD8&google_cver=1&google_push=AXcoOmRbXDWPyjBERhGty7jOeCj14NH2kC6lhApGKZGqBaZ8VEqkG-aX2RDSF7gFbLDIYa7WRSNZbrM8bc8wzrbNwS7EsiED4OHmxw

Domain: an.yandex.ru
URL: https://an.yandex.ru/mapuid/google/CAESEFEKkAOQ_Q5mcYlVN4pmmIU?ext-param=AXcoOmRpljLdntHlzkoAZrc10qS4El1Y_8Nw_63EeE83Ll3jCTujAC9hAIR1PmV4gCUtDmCh_KiUqbPHdOfy4JVUN1SqTu2lNDuguI4&partner-tag=yandex_ag&google_cver=1

Domain: sync.teads.tv
URL: https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEAlumTf3agAcjZAjPjWILSg&google_cver=1&google_push=AXcoOmQRjqtaMNyqiUS_8HSa41_8JD-3GmnmK67vImMkdSsDCxK45UTX4PlbZsgLFXGYDFoDX_iQL1yb3P8KfYa5WfeJFokmOPwbRTfn

Domain: fundingchoicesmessages.google.com
URL: https://fundingchoicesmessages.google.com/el/AGSKWxWwwnEBLy5J-8OkPkm88yhzOiyerp1n6j0HORC-ikjLyqt0JyJkqOzWQi5CE-H_MzS_dmywrQ6NIoxGAohdk_9qcB9lQtkOrtRMOMfiYyE_9H1bplRrMc7mjSCb_aQw9uPTlHz0EQ==

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.elzse.com/	1969-12-31 23:59:59	Name: osclass Value: bi60t7q2t59egb2l3mme63dknq
.elzse.com/	1970-01-21 01:21:03	Name: __gads Value: ID=9724366e2abf2422:T=1699167510:RT=1699167510:S=ALNI_MYe-VURwqdSiR1fTNmKSFDARRB-kw
.elzse.com/	1970-01-21 01:21:03	Name: __gpi Value: UID=00000cb5170b9074:T=1699167510:RT=1699167510:S=ALNI_MYdBgo8gF4GOfduh5t7Ob7w6IaM_w
.doubleclick.net/	1970-01-21 01:35:27	Name: IDE Value: AHWqTUnyW8iEGsyU8Vtasefx0-X9pArLNdBjhniVUTonQf0zIUhdkvBNO9o76jF2ODw
.travelaudience.com/	1970-01-21 01:29:41	Name: _tracker Value: %7B%22UUID%22%3A%227B380476-BCC2-4335-1DDF-940883E3B91B%22%7D
.de17a.com/	1970-01-21 00:37:51	Name: guid Value: 1.7594129327002183660

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.tribalfusion.com
ade.googlesyndication.com
ads.travelaudience.com
an.yandex.ru
bid.g.doubleclick.net
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
d5p.de17a.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-1gi7znek.c.2mdn.net
s.tribalfusion.com
s.uuidksinc.net
static.elzse.com
sync.teads.tv
tpc.googlesyndication.com
trace.mediago.io
um.simpli.fi
www.elzse.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
a.c.appier.net
an.yandex.ru
c1.adform.net
cm.g.doubleclick.net
fundingchoicesmessages.google.com
s.uuidksinc.net
sync.teads.tv
um.simpli.fi
www.googleadservices.com
104.17.24.14
104.18.25.173
108.177.15.154
142.250.181.228
142.250.184.226
142.250.184.234
142.250.185.110
142.250.185.130
142.250.185.161
142.250.185.194
142.250.185.74
142.250.185.98
142.250.186.130
142.250.186.34
142.250.186.67
142.250.74.206
142.251.161.94
169.150.247.37
172.217.18.2
172.217.18.3
209.127.116.234
213.155.156.168
216.58.206.34
216.58.212.136
3.33.220.150
35.190.0.66
35.208.249.213
74.125.108.201
91.228.74.159
01af9617c7e061218a22bc7aaaa50ecabdac88fac1575d6aafd71e7fe8b56de2
046844e9848cfa6c24f1f33da2e65467d48c867c5ff5d2f3b5fb24efaefe3142
07f37319b0d32f606bf3861255008178a0007342dd99409e801993297f9a3751
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09aa3db4ed80078e75a8db69fb15792e73c62d89dcce10b935024f952ac3ef2f
0a5fd33cd3712dc83d725f059dcc74cc64c237a62ced9a6e066f539acc9b7067
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
1453549abcc36f4c32668a9a53fd97636bf413ab654cad46e226b876669022c2
15150ba9b5aad46912d13626ab3660f1debed849fa977fb113045ea855553bf7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c8bb9d1a8eec9d58deb70c22a52e8bc5bcfd0f57eb7ba9a3a3f3312c184da91
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e72506478f316e1c7571503361c572d7974ee5c86acfa487938af3c700481a6
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
22a885ff326e4064155c528cf6447c1fb0db534821097cdebad721471a4cb79a
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3096c34742cce1244f284469cf78e9e2b7bd12057a62c0a73823450fec66942f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34a16a10d3daef4a5f781a12d41c550f5c077c31e63d5c5b8442cced6191a971
3596a5bb362f6a4f33d43b89660051beaa440f13f75ab071ee25dca5fd48ee0f
383e81584ef323f25e77868ee3d631388a4a6bcf9ec51e26be9ddcd5f0750d9f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e89636b07d3ebd0018d7dae4cee356dfaa2850901577b23eb73348d8d9abdeb
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
47afad0ba4f922125c5d08a40a639a8b16a02e4bc90486730cb0ab64a230969b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d59317c36ebdad1f2a6a32ac70c3d8d633192c15a961b668f6321997c15720b
53d01bef7d50d0f0d9430748fae0c7a7d4082c60778a4945de398383f46ebfc9
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
576def41e81f6f99f7f7fb8746bae2cbc39ddca5934c2c34f64f3b9482e22884
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e4e0c1a2d7b2f4d3835b1ea8f0c7c538e5a46e0b6b29258c5fbdf1d1b4480ba
5f50a47e0f412b4c473b9655d9c72d5b7322fbbc6dcbfd5960f10ac5417f66a1
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7be401b49ca8017151981a80193f8cd339ac0c6c4721beae20810988efc9d1d0
7ca7010bb9f21634a81fb08afb59e9cd1984f1cb2ba421419b5891ee81ad1d3d
7d397cebdbf1b9780d0119cfb05b4ce96f3ba1f9ea7cab16056a34d8d12c5465
7d8b085f2fb389ba329a69204faf09b83bfd16008ff4ac9ad12b7b97fbb18ec3
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
866b86cab8d59721bb46b53c7da7548234e99c63d02fc69cce11622f482411dd
88477b43c91f83af4307812200cc368d050a0f34e1e37672d3d8be94f359ee23
8a82b857c4536fd803e50d2d83dbb6f7f5e3729cd4cac61ff385b3dfdffc4b11
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f3fb34b7b97a370f271c935fa7dbd4de91f03fe16355d1ab5008ef116852f70
913dd787ddb1c1055833af1b085aeccbed3dc54e94bdd1e143ad9f9372c46969
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a680b90260b5106d79f4075491ab31daafa7429eff686453c40b58357309649
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a0a3ecb235805f172a98f0ed786685ea8b9df4da8451677774bad6c6161156d0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a518bad84497efd6f6b5d041989d59ae68984903c3b92056b87df56e0f11d87c
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0c49a5b6a68b632cb69b5cb945ae2c431e32e040f311f539a4ddf4423f4bb3b
bb79e1a86e012eaf6f83b91ae8b2a33d73e9a24d48b9d17a6cdbd869dfafaef9
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c406c78f68b0fa0ca078d9d8f9d33a07e08562804e151b3e5d8aee40b277abcb
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37
c8d71fce9311660e88ab07da1633391917afbdc59a805bed6d595371fdcb9f90
caed8f917d91a12f15ae0d00b1a50971d6ca29ed3c06a3eee53ea81e252beadc
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdab8b90273fae15c79d462b4cc359570a587b64ef17e06dae8fdee202e4a5b1
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d53237a1856c0e9197eb819d2c6b2f71955ea5d838fc58e5fa08c0b3912badee
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d9574d7eda8d5656d84e74b9d42ddea6fbf1ed1a0ac6610ff586dd91d735af8b
de4d56327948be28e205fd63ee0f5c6d3bb412e2ade1d3b295f7b0d6de21aa96
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e8ae4120241837e91809a58a633705716768d96ffec8dc94c5ece0afae30b9c4
ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3
eeed07b42886c2fcf93a64add239a4debc683eb20c5c358e81b12d679c4749f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

www.elzse.com Open in urlscan Pro 209.127.116.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

89 %HTTPS

0 %IPv6

23 Domains

36 Subdomains

26 IPs

3 Countries

2319 kBTransfer

8886 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.elzse.com Open in urlscan Pro
209.127.116.234 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

89 %
HTTPS

0 %
IPv6

23
Domains

36
Subdomains

26
IPs

3
Countries

2319 kB
Transfer

8886 kB
Size

6
Cookies

149 HTTP transactions
11 data transactions