www.222.ch Open in urlscan Pro
135.181.76.204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ticketkorner.ch/
Effective URL:
http://www.222.ch/katalog/freizeit/tickets.html
Submission: On September 16 via automatic, source certstream-suspicious (September 16th 2021, 1:01:43 am UTC) — Scanned from DE

Summary HTTP 47 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 47 HTTP transactions. The main IP is 135.181.76.204, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is www.222.ch.

This is the only time www.222.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	84.16.66.164 84.16.66.164	29222 (INFOMANIA...) (INFOMANIAK-AS)
6	135.181.76.204 135.181.76.204	24940 (HETZNER-AS) (HETZNER-AS)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
10	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 3	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
1	142.250.186.46 142.250.186.46	15169 (GOOGLE) (GOOGLE)
1 2	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	5.148.168.135 5.148.168.135	29691 (NINE) (NINE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	142.250.180.226 142.250.180.226	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
8	142.250.184.225 142.250.184.225	15169 (GOOGLE) (GOOGLE)
1	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
6	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
47	15

1 84.16.66.164 (Switzerland) 1 redirects

ASN29222 (INFOMANIAK-AS, CH)
PTR: vip12-reverse-proxy.infomaniak.ch

ticketkorner.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 135.181.76.204 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: henrycommon.domns.com

www.222.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.228 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.231.97 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

impch.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.148.168.135 (Zurich, Switzerland)

ASN29691 (NINE, CH)
PTR: adresult08.nine.ch

www.adtracker.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	277 KB
6	2mdn.net s0.2mdn.net	58 KB
6	google.com 1 redirects www.google.com cse.google.com adservice.google.com	4 KB
6	222.ch www.222.ch	19 KB
5	doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net	31 KB
2	googletagservices.com www.googletagservices.com	66 KB
2	tradedoubler.com 1 redirects impch.tradedoubler.com	1 KB
1	googleadservices.com partner.googleadservices.com	654 B
1	adtracker.ch www.adtracker.ch	49 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	ticketkorner.ch 1 redirects ticketkorner.ch	209 B
0	thumbsniper.com Failed api.thumbsniper.com Failed
47	12

	Domain	Requested by
10	pagead2.googlesyndication.com	www.222.ch pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	s0.2mdn.net	googleads.g.doubleclick.net s0.2mdn.net
6	www.222.ch	www.222.ch
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.google.com	1 redirects www.222.ch tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	impch.tradedoubler.com	1 redirects www.222.ch
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.adtracker.ch	www.222.ch
1	cse.google.com	www.222.ch
1	fonts.googleapis.com	www.222.ch
1	ticketkorner.ch	1 redirects
0	api.thumbsniper.com Failed	www.222.ch
47	16

This site contains links to these domains. Also see Links.

Domain
clk.tradedoubler.com
twitter.com
www.facebook.com
plus.google.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.tradedoubler.com R3	`2021-07-05` - `2021-10-03`	3 months	crt.sh
adtracker.ch R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://www.222.ch/katalog/freizeit/tickets.html
Frame ID: 25C22C7F5C38D492CACDF8427604E83D
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html
Frame ID: 9929A0DB605F43C364BD9970D81146D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0718663806610923&output=html&h=600&slotname=8308254417&adk=377511953&adf=4005121826&pi=t.ma~as.8308254417&w=160&lmt=1631754098&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&flash=0&wgl=1&dt=1631754098534&bpp=15&bdt=64&idt=134&shv=r20210913&mjsv=m202109140101&ptt=5&saldr=sa&abxe=1&correlator=6879113853008&frm=20&pv=2&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=31&ady=275&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&pvsid=2546989294833300&pem=268&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=6eUh7To4AX&p=http%3A//www.222.ch&dtd=150
Frame ID: 9D110FE2FA13A40C20555B1FDB497B41
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2716340379468155&output=html&h=280&slotname=3934867176&adk=205176156&adf=3993316317&pi=t.ma~as.3934867176&w=616&fwrn=4&fwrnh=100&lmt=1631754098&rafmt=1&psa=0&format=616x280&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631754098590&bpp=9&bdt=121&idt=101&shv=r20210913&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8308254417&correlator=6879113853008&frm=20&pv=2&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=224&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&pvsid=2546989294833300&pem=268&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6Iex6MQzHX&p=http%3A//www.222.ch&dtd=106
Frame ID: 6A854457CC0CB9A166E1A6246CF23732
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B3D60A92D2BA35F634E4F4D4883CEB20
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html
Frame ID: AB376995AF98206DD2672FF02497FB30
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0718663806610923&output=html&adk=1812271804&adf=3025194257&lmt=1631754099&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&ea=0&flash=0&pra=7&wgl=1&dt=1631754099531&bpp=1&bdt=1061&idt=1&shv=r20210913&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78f808a706a4d536-223f22c337cb0016%3AT%3D1631754098%3ART%3D1631754098%3AS%3DALNI_MZcDQi_QgF1OAGBri1bagxXCOaGVg&prev_fmts=616x280&prev_slotnames=8308254417&nras=1&correlator=6879113853008&frm=20&pv=1&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&psts=AGkb-H8x_A1Ka7aWM5cuG6hI924sS6nd-28uOr_x9YJGeqSWFy2Ob78tpDEUGsHTCruWoqZAk-RUho2NgQ&pvsid=2546989294833300&pem=268&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=5
Frame ID: 31C81A2929D23335A26CE3ADAF334457
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C9FE5DF0F1D69518EECBF6CA5DA572CA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 67D96544BABAA945DB50C3D625E6F1CE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tickets für Freizeitveranstaltungen Konzerttickets, Fussballtickets

Page URL History Show full URLs

https://ticketkorner.ch/ HTTP 301
http://www.222.ch/katalog/freizeit/tickets.html Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

47
Requests

77 %
HTTPS

0 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

507 kB
Transfer

1209 kB
Size

5
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://clk.tradedoubler.com/click?p=31182&a=1173898&g=22727094&pools=528850

Search URL Search Domain Scan URL

URL: https://twitter.com/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://plus.google.com/
Title: GooglePlus

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ticketkorner.ch/ HTTP 301
http://www.222.ch/katalog/freizeit/tickets.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://www.google.com/cse/api/branding.css HTTP 301
https://cse.google.com/cse/api/branding.css

Request Chain 11

http://impch.tradedoubler.com/imp?type(js)pool(528850)a(1173898)464629033 HTTP 302
https://impch.tradedoubler.com/imp?type(js)pool(528850)a(1173898)464629033

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request tickets.html Show response
www.222.ch/katalog/freizeit/
Redirect Chain

https://ticketkorner.ch/
http://www.222.ch/katalog/freizeit/tickets.html

6 KB
7 KB

672ms
479ms

Document
text/html

135.181.76.204
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.222.ch/katalog/freizeit/tickets.html
Protocol: HTTP/1.1
Server: 135.181.76.204 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: henrycommon.domns.com
Software: Apache /
Resource Hash: 56aa89de7f211bf4535a47ffaa228ffbe310e82832db6fc845226fdc73377529

Request headers

Host: www.222.ch
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 16 Sep 2021 01:01:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

Redirect headers

server: gunicorn
date: Thu, 16 Sep 2021 01:01:37 GMT
content-type: text/html; charset=utf-8
content-length: 301
location: http://www.222.ch/katalog/freizeit/tickets.html

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 24ms
17ms Stylesheet
text/css 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Raleway

Requested by

Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html

Protocol

HTTP/1.1

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

ESF /

Resource Hash

080a53c9e74d2ccfd35517c92de6fa61435733524f778b8bf93e7d5d8020d2db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:01:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Sep 2021 23:30:28 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 16 Sep 2021 01:01:38 GMT

GET
H/1.1 200
OK style.css
www.222.ch/ 9 KB
9 KB 26ms
26ms Stylesheet
text/css 135.181.76.204
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.222.ch/style.css
Requested by: Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html
Protocol: HTTP/1.1
Server: 135.181.76.204 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: henrycommon.domns.com
Software: Apache /
Resource Hash: f1f3853dc454a5e29463bbf147265d18922543efd60bef8112deb0ccdf1ce703

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.222.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.222.ch/katalog/freizeit/tickets.html
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/katalog/freizeit/tickets.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:01:38 GMT
Last-Modified: Tue, 08 Dec 2015 10:55:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9162

GET
H/1.1 200
OK folder.jpg
www.222.ch/images/ 211 B
453 B 75ms
49ms Image
image/jpeg 135.181.76.204
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.222.ch/images/folder.jpg
Requested by: Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html
Protocol: HTTP/1.1
Server: 135.181.76.204 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: henrycommon.domns.com
Software: Apache /
Resource Hash: 7848ea87aa388f9134fd4a9ea84db4615ef1e4d623aae7cdfa641cfb3aeffd89

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.222.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.222.ch/katalog/freizeit/tickets.html
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/katalog/freizeit/tickets.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:01:38 GMT
Last-Modified: Sat, 05 Dec 2015 12:34:13 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 211

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 106 KB
38 KB 31ms
24ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html

Protocol

HTTP/1.1

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

83521d0af8359501b043cf385715fb88a47ca2bf49e5d0072b46229230f81714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 16 Sep 2021 01:01:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 15729754719284631032
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 38467
X-XSS-Protection: 0
Expires: Thu, 16 Sep 2021 01:01:38 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 52ms
38ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html

Protocol

HTTP/1.1

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0d31f9ef5ca01cd58c00ad335e2da1f1da2f24c364dc2a3a71aba824a11a532f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 16 Sep 2021 01:01:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 5364064961286132441
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 48882
X-XSS-Protection: 0
Expires: Thu, 16 Sep 2021 01:01:38 GMT

GET
H2

200

branding.css
cse.google.com/cse/api/
Redirect Chain

http://www.google.com/cse/api/branding.css
https://cse.google.com/cse/api/branding.css

1 KB
714 B

76ms
20ms

Stylesheet
text/css

142.250.186.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/api/branding.css

Requested by

Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f14.1e100.net

Software

pfe /

Resource Hash

91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:43:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 17 Nov 2007 23:34:50 GMT
server: pfe
age: 1076
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 322
x-xss-protection: 0
expires: Thu, 16 Sep 2021 01:13:42 GMT

Redirect headers

Date: Thu, 16 Sep 2021 00:53:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 511
Content-Type: text/html; charset=UTF-8
Location: https://cse.google.com/cse/api/branding.css
Cache-Control: public, max-age=1800
Content-Length: 240
X-XSS-Protection: 0
Expires: Thu, 16 Sep 2021 01:23:07 GMT

GET
H/1.1 200
OK poweredby_FFFFFF.gif
www.google.com/images/poweredby_transparent/ 488 B
1 KB 22ms
15ms Image
image/gif 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif

Requested by

Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html

Protocol

HTTP/1.1

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

sffe /

Resource Hash

f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:01:38 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 488
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Thu, 16 Sep 2021 01:01:38 GMT

GET api_free.php
api.thumbsniper.com/ 0
0

GET
H/1.1 200
OK top_logo.jpg
www.222.ch/images/ 2 KB
2 KB 49ms
48ms Image
image/jpeg 135.181.76.204
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.222.ch/images/top_logo.jpg
Requested by: Host: www.222.ch
URL: http://www.222.ch/style.css
Protocol: HTTP/1.1
Server: 135.181.76.204 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: henrycommon.domns.com
Software: Apache /
Resource Hash: 707c2a7f567565aa3f42b79dc5c0acde873e04dfd9d24b31e5daf40196fc3d5b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.222.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.222.ch/style.css
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:01:38 GMT
Last-Modified: Sat, 05 Dec 2015 12:34:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=100
Content-Length: 1545

GET
H/1.1 200
OK bg_buttom2.png
www.222.ch/images/ 180 B
448 B 53ms
27ms Image
image/png 135.181.76.204
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.222.ch/images/bg_buttom2.png
Requested by: Host: www.222.ch
URL: http://www.222.ch/style.css
Protocol: HTTP/1.1
Server: 135.181.76.204 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: henrycommon.domns.com
Software: Apache /
Resource Hash: 6e6e71e299d83c893de6d684ef0d6dd5ede71840753a76bdb211fea1581ecfb1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.222.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.222.ch/style.css
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:01:38 GMT
Last-Modified: Sat, 05 Dec 2015 12:34:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=100
Content-Length: 180

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/ 251 KB
93 KB 54ms
30ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

aeaa1008e3dde9bd88972aa821f05b68a4741eb39599a45287daf658b8ad5779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94931
x-xss-protection: 0
server: cafe
etag: 380288124553421194
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 01:01:38 GMT

GET
H2

200

imp Show response
impch.tradedoubler.com/
Redirect Chain

http://impch.tradedoubler.com/imp?type(js)pool(528850)a(1173898)464629033
https://impch.tradedoubler.com/imp?type(js)pool(528850)a(1173898)464629033

268 B
828 B

25ms
8ms

Script
application/x-javascript

35.186.231.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://impch.tradedoubler.com/imp?type(js)pool(528850)a(1173898)464629033
Requested by: Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.231.186.35.bc.googleusercontent.com
Software: TXServerHttp /
Resource Hash: 9a0a1c19e29015831b6eaaec47f1bc4c2b3cbb64478e42c9edf5851ba472466f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:01:38 GMT
via: 1.1 google
referrer-policy: origin
server: TXServerHttp
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin: *
cache-control: private, max-age=0
content-type: application/x-javascript; charset=ISO-8859-1
alt-svc: clear
content-length: 268

Redirect headers

Location: https://impch.tradedoubler.com/imp?type(js)pool(528850)a(1173898)464629033
Date: Thu, 16 Sep 2021 01:01:37 GMT
Via: 1.1 google
Content-Length: 279
Content-Type: text/html; charset=ISO-8859-1

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/ Frame 9929 10 KB
5 KB 29ms
6ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210913/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.222.ch/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 15 Sep 2021 20:57:54 GMT
expires: Wed, 29 Sep 2021 20:57:54 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 14624
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 160x600_DE.jpg
www.adtracker.ch/upload/leshop/NEW%20BANNER%2004122018/DE/ 48 KB
49 KB 83ms
17ms Image
image/jpeg 5.148.168.135
NINE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.adtracker.ch/upload/leshop/NEW%20BANNER%2004122018/DE/160x600_DE.jpg
Requested by: Host: www.222.ch
URL: http://www.222.ch/katalog/freizeit/tickets.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.148.168.135 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: adresult08.nine.ch
Software: Apache /
Resource Hash: 2e895475b32bbc7b6495eabafcec075a779269dd7afbdf69eacfb77f93876119

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:38 GMT
last-modified: Tue, 31 Mar 2020 22:00:01 GMT
server: Apache
accept-ranges: bytes
etag: "c161-5a22db075a5b3"
content-length: 49505
content-type: image/jpeg

GET
H/1.1 200
OK bg_buttom.png
www.222.ch/images/ 311 B
552 B 26ms
26ms Image
image/png 135.181.76.204
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.222.ch/images/bg_buttom.png
Requested by: Host: www.222.ch
URL: http://www.222.ch/style.css
Protocol: HTTP/1.1
Server: 135.181.76.204 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: henrycommon.domns.com
Software: Apache /
Resource Hash: 111b3eb17c2ca98a5a9cd56ce1d3a976e4edb48c25eb6ab33785b2dc57fa5655

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.222.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.222.ch/style.css
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:01:38 GMT
Last-Modified: Sat, 05 Dec 2015 12:34:09 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 311

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 196 B
654 B 44ms
21ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.222.ch&callback=_gfp_s_&client=ca-pub-0718663806610923

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

af5489fa46fd15503d7210f4502b593889d80df5358a2f3bf6611282bd60b8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 103ms
42ms Script
application/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.222.ch

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 01:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D11 58 KB
26 KB 418ms
417ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0718663806610923&output=html&h=600&slotname=8308254417&adk=377511953&adf=4005121826&pi=t.ma~as.8308254417&w=160&lmt=1631754098&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&flash=0&wgl=1&dt=1631754098534&bpp=15&bdt=64&idt=134&shv=r20210913&mjsv=m202109140101&ptt=5&saldr=sa&abxe=1&correlator=6879113853008&frm=20&pv=2&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=31&ady=275&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&pvsid=2546989294833300&pem=268&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=6eUh7To4AX&p=http%3A//www.222.ch&dtd=150

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

aa1586c95772d9da25c9797ef220c379fea5b5c932b82cd4827f187031a8ca41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0718663806610923&output=html&h=600&slotname=8308254417&adk=377511953&adf=4005121826&pi=t.ma~as.8308254417&w=160&lmt=1631754098&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&flash=0&wgl=1&dt=1631754098534&bpp=15&bdt=64&idt=134&shv=r20210913&mjsv=m202109140101&ptt=5&saldr=sa&abxe=1&correlator=6879113853008&frm=20&pv=2&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=31&ady=275&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&pvsid=2546989294833300&pem=268&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=6eUh7To4AX&p=http%3A//www.222.ch&dtd=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.222.ch/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 16 Sep 2021 01:01:39 GMT
server: cafe
content-length: 26499
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 16-Sep-2021 01:16:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Sep 2021 01:01:39 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 62ms
26ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27627
x-xss-protection: 0
server: sffe
etag: "1631705383510867"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 16 Sep 2021 01:01:38 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6A85 430 B
375 B 513ms
512ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2716340379468155&output=html&h=280&slotname=3934867176&adk=205176156&adf=3993316317&pi=t.ma~as.3934867176&w=616&fwrn=4&fwrnh=100&lmt=1631754098&rafmt=1&psa=0&format=616x280&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631754098590&bpp=9&bdt=121&idt=101&shv=r20210913&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8308254417&correlator=6879113853008&frm=20&pv=2&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=224&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&pvsid=2546989294833300&pem=268&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6Iex6MQzHX&p=http%3A//www.222.ch&dtd=106

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

752cf8cbddcefd51e40af46c836bf2351db1b36e4ed6f3f3ca0171a93c2c0ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2716340379468155&output=html&h=280&slotname=3934867176&adk=205176156&adf=3993316317&pi=t.ma~as.3934867176&w=616&fwrn=4&fwrnh=100&lmt=1631754098&rafmt=1&psa=0&format=616x280&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1631754098590&bpp=9&bdt=121&idt=101&shv=r20210913&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8308254417&correlator=6879113853008&frm=20&pv=2&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=224&ady=220&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&pvsid=2546989294833300&pem=268&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=6Iex6MQzHX&p=http%3A//www.222.ch&dtd=106
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.222.ch/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 16 Sep 2021 01:01:39 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 16-Sep-2021 01:16:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 16 Sep 2021 01:01:39 GMT
cache-control: private

GET
H2 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 9D11 31 KB
13 KB 38ms
15ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0718663806610923&output=html&h=600&slotname=8308254417&adk=377511953&adf=4005121826&pi=t.ma~as.8308254417&w=160&lmt=1631754098&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&flash=0&wgl=1&dt=1631754098534&bpp=15&bdt=64&idt=134&shv=r20210913&mjsv=m202109140101&ptt=5&saldr=sa&abxe=1&correlator=6879113853008&frm=20&pv=2&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=31&ady=275&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&pvsid=2546989294833300&pem=268&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=6eUh7To4AX&p=http%3A//www.222.ch&dtd=150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

09da166bbd2a7421ea3b4842666bddce3d97c04c95f5e96c464544e1911bdaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:53:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18486
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12782
x-xss-protection: 0
server: cafe
etag: 7555688245467925627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 19:53:33 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 9D11 2 KB
1 KB 38ms
14ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17828
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 20:04:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9D11 128 KB
39 KB 47ms
25ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

fc8bce6b98f344ceb503d0c7c623ecf395808995efd843d616c3e7ab401a116f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39459
x-xss-protection: 0
server: sffe
etag: "1631705359914318"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 16 Sep 2021 01:01:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/ Frame 9D11 14 KB
7 KB 30ms
7ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 20:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16661
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 20:23:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210913/r20110914/ Frame 9D11 18 KB
8 KB 31ms
8ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210913/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 19:58:21 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9D11 0
0 131ms
63ms Fetch
image/gif 172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7Pofpywx_-OEiqobm3NwOFJTkTwoH9GWC9w8GkWPwplpg-dAs0HGVDZx23_aQDzRjjxEtKrNcdlC5DiaYPEkxSP1gjZGYroK-yqKeF0LawqZsfNog64NSABpDsdErg0nkbtAULNOrkZXSpV_-k9QY9YoyZL2scvwIq7nqnZWdSEINYHfZ8oREaICNA-dY2xIhrNXE-beaBF4XA2G_P8zSGFzUuky8cWBT27zfN7IrSu0w5tJ_r5mpFB8O1HOz1a_OgqpMhW0WAvbUYLz3_QwwPHuJozXUBiM_-QXJy8CUypnFFa0jPYY0eoBhzahg8M1hQXbgAsit4XS2WNx6oUUvGUz0VKhL4oG02xDh8VI_G1-s3z5UmDSO3WjD0WOpdUN0WPq3GeS1X2C07ZVaE4sn8_qYDewvIS7YbZoKVLhkZjGkphWJDshiZyzbImLlCyyDjf7_9gwoMzEeBTFqWMNSke4HbMBAqJPRu8lZcrCt6Np4MBZYwvaAvgZXx4ftRqYCStNU68GBFxtu4u4Zkd1TRl__wD0y3bjrsCV1Z10LdbQoqYSGXZ8hdE2Z9FGA8sH-J8V4VkM5fy75_MV3WDgZswciKUe-6E5WHmDKkFZ_NEZMkRCLlZtUWVjwp6jYW50abnxMvvPTmlO3AekiJ2KKPS5NYZMCSUn0DC42kVkBYlLFeBRzYKf5kwZjWXhZt0mA06atWgwnesG-UWVRleGEz3IS_BcZCsFji5eRhaQl2DoD0hlqDs-YYOBKtQOcNsaiOZGFrqXK3REvYd7TQytvDzp-3y8lwIVAGcEhJFZKIv-hMTGzIoK3hOZCYL2uW34-hTHQJ_3lft3eRWxqiAGt1COeTlO0JZ5xQmZs-WG7W_Z49k3oHQ8lILU41ASZNAS-w80G9YrggMzYuEeUDAUiFLmoxS0_C9kgL4FrEMwj9Mf3VcW4ImhU4LzT1JBKU3KgLqw&sig=Cg0ArKJSzIMgXfiegaUsEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Thu, 16 Sep 2021 01:01:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 16 Sep 2021 01:01:39 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 9D11 114 KB
40 KB 55ms
7ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 22:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Sep 2021 22:05:28 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9D11 41 KB
15 KB 31ms
11ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 15 Sep 2022 19:02:20 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B3D6 22 KB
8 KB 42ms
16ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 15 Sep 2021 19:02:20 GMT
expires: Thu, 15 Sep 2022 19:02:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21559
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9D11 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b133bdf427e37bc4476033f894114958948b4eecf518f040314f6ae737b701f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/ Frame AB37 5 KB
2 KB 97ms
74ms Document
text/html 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

4af1df5a2f448e2197cd83518d19146b94c5ab3b2a357479f8d833ec2bb5b02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1656
date: Thu, 16 Sep 2021 01:01:39 GMT
expires: Fri, 17 Sep 2021 01:01:39 GMT
cache-control: public, max-age=86400
last-modified: Fri, 30 Jul 2021 19:32:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js Show response
pagead2.googlesyndication.com/bg/ Frame B3D6 35 KB
13 KB 21ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0laMBStFIjGDX-Lbokpit1PiwVNzXcztY6qwAF7AamA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 19:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13319
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 14 Sep 2022 19:27:30 GMT

GET
H3 200 style.css
s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/styles/ Frame AB37 3 KB
958 B 65ms
65ms Stylesheet
text/css 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

0c5372c1a8bc11f4e004364b4f9fe8fb2bedd226ed1bba34b557a23450946995

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 934
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 19:32:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 17 Sep 2021 01:01:39 GMT

GET
H3 200 arrow-down.png
s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/images/ Frame AB37 15 KB
15 KB 44ms
43ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/images/arrow-down.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

1dbde451f92f45875249b5ae5150c6a3b7c3e22d487146f04ae882743a667f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:39 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 19:32:06 GMT
server: sffe
age: 0
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15185
x-xss-protection: 0
expires: Fri, 17 Sep 2021 01:01:39 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/scripts/ Frame AB37 2 KB
633 B 94ms
94ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

4e890ccac9b39999fe735391c29266f342fdac25328f1c5042e3cc6621139a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 609
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 19:32:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 17 Sep 2021 01:01:39 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3D6 0
20 B 17ms
16ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BL9V7cpdCYd37KuTI7_UPkdasCAAAAAA4AeAEAg&bg=!SEulSw_NAAaUnz4elJ87ACkAdvg8WtKR-0VkGj-fPzpkxV0Cub5wQwECdObMrM4a7VEOcmHbJZ2Q-QIAAABfUgAAAApoAQcKAA-BcgsAj57y-F5CXvSWb9qZAqUMUoK34r1EVhmkfGLAF4bjtb_S0B_9HSv6yarL5FkdMUbVbvuKYG6FmkRn0U7TE0A6scJMi8w5xQ3Qxb9VkEBS8bsClnC3CCrSbTEsuWOF5NzF_71ZtZ1fChQzoKYFkFqtJjUfr6hT5Vn7cvXdiS9p83IsukNsQpbCp4FC9Z6erBBOl4f-cekQYKcLA2h-QFKFMrPuFoTpFnge8nfYjdEo_bofTVdowX8c6m4UZ4OP0vN2t5x9uZgiYeB8wgh2h1rTVv2VGscPuEQKPll9g5Ca6EhPjrD5xekfW_WgZ9h6BRhsd1EZ0afnp-cqpr-Brmc3P6FqJMAd8_EX2tYVyFsICumllq13MPl07ydbPZk6rvyUFFKp6hSqBYkRMY0h2hj_2pmbkIxeQ4KU9cvhLo0NDGpnNNorCX62KLFYQzhXUU1OFQ_77aVxl_l7xrRk-dsvfsn-751xqCdw4Xtf8rUU6zbziw8FrR8J3et63kCbjKQTWvWSqhcHhoFXIbG7k0EfRe9ImkusfiT2JFfVjiRDslIQKGDlL8Vj_9OR0iQj6BeiRLiaem9lzU9ybwh6nISluOQrKmRJxKprAs0XzAq2Li-z3zUBQHoFCkgBh0I0iJcMzll1U62iBW33j8HmV3k0yFy71E-bfVQIvAj5BlbAjLXkBfP72HuiD80M4mcTq_DzTc-yCouZXHEYBJSxoAH1V0UW0x2z4JFprg4gNzv6KsA0qyoI8Z6gHhI9gPXcCqHK_9E20f_Ycpch5U7MbYFmnBgneZhWUjx4lWZb_7p0DHezX3CpkYTYllaUukVDC_X-QePcU7Ee2uO6Fp6KCqm6HMjjs-jnPqZcsTEQTB7FCMX_boK9AND_CpJ-P0GMnjcZkMA1WfJ_gIJmJrljhQ70uRLQkw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 search.png
s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/images/ Frame AB37 514 B
536 B 96ms
95ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/images/search.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

sffe /

Resource Hash

c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/6440760/1627673526127/MAR-403-HTML-peopleSearch-160X600/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:39 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 19:32:06 GMT
server: sffe
age: 0
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 514
x-xss-protection: 0
expires: Fri, 17 Sep 2021 01:01:39 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 85ms
43ms Script
application/javascript 142.250.180.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.222.ch

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 01:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 31C8 0
16 B 16ms
16ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0718663806610923&output=html&adk=1812271804&adf=3025194257&lmt=1631754099&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&ea=0&flash=0&pra=7&wgl=1&dt=1631754099531&bpp=1&bdt=1061&idt=1&shv=r20210913&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78f808a706a4d536-223f22c337cb0016%3AT%3D1631754098%3ART%3D1631754098%3AS%3DALNI_MZcDQi_QgF1OAGBri1bagxXCOaGVg&prev_fmts=616x280&prev_slotnames=8308254417&nras=1&correlator=6879113853008&frm=20&pv=1&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&psts=AGkb-H8x_A1Ka7aWM5cuG6hI924sS6nd-28uOr_x9YJGeqSWFy2Ob78tpDEUGsHTCruWoqZAk-RUho2NgQ&pvsid=2546989294833300&pem=268&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=5

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-0718663806610923&output=html&adk=1812271804&adf=3025194257&lmt=1631754099&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.222.ch%2Fkatalog%2Ffreizeit%2Ftickets.html&ea=0&flash=0&pra=7&wgl=1&dt=1631754099531&bpp=1&bdt=1061&idt=1&shv=r20210913&mjsv=m202109140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D78f808a706a4d536-223f22c337cb0016%3AT%3D1631754098%3ART%3D1631754098%3AS%3DALNI_MZcDQi_QgF1OAGBri1bagxXCOaGVg&prev_fmts=616x280&prev_slotnames=8308254417&nras=1&correlator=6879113853008&frm=20&pv=1&ga_vid=212892395.1631754099&ga_sid=1631754099&ga_hid=1802880945&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062369%2C31062519%2C31062311&oid=3&psts=AGkb-H8x_A1Ka7aWM5cuG6hI924sS6nd-28uOr_x9YJGeqSWFy2Ob78tpDEUGsHTCruWoqZAk-RUho2NgQ&pvsid=2546989294833300&pem=268&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=5
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.222.ch/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUmKUf05Fb33DdUsWyl8njDki8rvo__T3JJqSCMUvytqedv3CcOLqzdtj80L7d8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 16 Sep 2021 01:01:39 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 35ms
20ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210913&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

0c66fcd3616e44240cbfc520a273aab0c7f35c1e55c20d893c580e16b7faec19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 01:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8464
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109140101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:01:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 16 Sep 2021 01:01:39 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C9FE 12 KB
5 KB 16ms
16ms Document
text/html 142.250.184.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.222.ch/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 15 Sep 2021 21:21:12 GMT
expires: Thu, 15 Sep 2022 21:21:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13227
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 67D9 783 B
1 KB 59ms
24ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

da25f236ac92d413cd2e4011f606631189bfa710de741a352823b3759c378753

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SnRehpdGlgkkujOrj5kHIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.222.ch/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/

Response headers

expires: Thu, 16 Sep 2021 01:01:39 GMT
date: Thu, 16 Sep 2021 01:01:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-SnRehpdGlgkkujOrj5kHIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js Show response
pagead2.googlesyndication.com/bg/ Frame C9FE 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 13:41:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13196
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 10:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 15 Sep 2022 13:41:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 67D9 0
0 19ms
18ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210913&jk=2546989294833300&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
16ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210913&jk=2546989294833300&bg=!ubqluv7NAAYT0U73E9E7ACkAdvg8WtUbt_sW8dlKS4Kp8QqV4tposohFvHS9LbrlgUKMjBgW_XF80QIAAABgUgAAAAloAQcKAErEQExW94X8Kbzc3D_cPL4YF-zHpQKvUZ1VxrLo7ngPJhFEddWUcWf2xqxUpJF1V2Ci2c7Ko9h8C5aKc9Pt35dAXWZNoV3iM6f6TpkCcCqQWcGBANZSb9fMDYc4Mj0UnscAfsZ6ap-5FfqOQKT-TuMAUU_HDiaEVdBkvEQRpd33vxEdzsb4j4Rklf2QSZXoKWSw6K94PDqW-sPhwSsM88m9r_Dvp5hJufftAA3gUhT1JtXGiGodWyiNyYgmAcY_QBugx-gCuR8ZJE__5Rn5IG97dC-tahSQVzxOC2_2MiL5wKhdpEjyedlyn4YVPlRtes2eUZXdA8SJFw4n-cLQITSk_fqO5ERTYBLSCjNw4IKgMV-AJbUI7jPnYjzZX6kHBNICUNM8MnFFrNqz7cHyZI0bIbrotofB5m1l5rOl1FjC_xHHeDmAe1L7s49DB_IqyFYxY4rEfKiO_5pxfUIQuZy9Zjx2_VokOgwYfxrfPFLUws4tlhjCjpN0ZDJEX2LIQ_WlbLbDkj8JqCS6ZsHA6jjnHmF1FIfY5z5Clmt1GK6A7IhreIm7PJStixt_biVaNOhVAnHevFUnu0aXl0inO1fg9IQsGWVjw6C46PdW98H3WFZUZsSjP1R7yvRqzauujOEUT45H1eyccKYwMQzmbMpxxl0ui7wheKIV5QUZ38Cm-FnOz_O0l_w2p2Ug_daUJncdPKvf3pyVZqCQ83RweaIgNKUf8BtNOfN0o9DF0tVeAlCmyMExLV2oxS0j3BhFiuzv-wG1MmBcsTBXGH5oEJVbuOxnmjs6yoWowd35yJpMbD_fM99qbP1FF5F4SIrpjAK09StFdYurQsbUWFMdYKYe8bQDyg-gUOS_S-4r2XgZFs88tUD73R30kfhNvyFjf2KF1pmMKiRxtfox00HdjmEB7h_pSTpf_8gMd9d7iA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.222.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:01:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9D11 42 B
64 B 18ms
18ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuK3MDyA_b1fEdc5LQSjrL_Rp9iMASV9aItNgttZf70sqnz7DyAfm6yM3YkrmgXZxsU4k7PhXRgL45nsvIKbU4QZd9E0yg8N6GSKZst3KyF66BmVxaWClvBPGHGT2gLa_SlFs79LpKRFkDRMsbsupio2_4Alhred1WzBmXQDCU&sai=AMfl-YQYvkgFYc4CzGdWm75LsSBMvnJNbxQ6rqQpkqeI8r3VIAjRpQCzZoOWr2tMFGimiSCb-_oOFnftejFH&sig=Cg0ArKJSzMYGcrRsz-BMEAE&id=lidar2&mcvt=1000&p=275,31,875,191&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210915&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=377511953&rs=2&met=ie&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1631754098686&rpt=841&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:01:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.thumbsniper.com
URL: http://api.thumbsniper.com/api_free.php?size=6&effect=1&url=http://www.ticketcorner.ch/

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tradedoubler.com/	1970-01-20 06:01:30	Name: BT Value: 1z11zzq8z1KItExzceOTLhTzzGx1z9yceOTLhT
.tradedoubler.com/	1970-01-20 06:01:30	Name: UI Value: 1z11zzq8z3KXovz8dgyKmc1
.tradedoubler.com/	1970-01-20 06:01:30	Name: PL Value: 1z11zzq8z1WRSrWz2fC6yPgF3yN20vyy-3FiO48y40tsqw1
.222.ch/	1970-01-20 06:37:30	Name: __gads Value: ID=78f808a706a4d536-223f22c337cb0016:T=1631754098:RT=1631754098:S=ALNI_MZcDQi_QgF1OAGBri1bagxXCOaGVg
.doubleclick.net/	1970-01-20 14:47:06	Name: IDE Value: AHWqTUmKUf05Fb33DdUsWyl8njDki8rvo__T3JJqSCMUvytqedv3CcOLqzdtj80L7d8

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://api.thumbsniper.com/api_free.php?size=6&effect=1&url=http://www.ticketcorner.ch/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: http://www.222.ch/katalog/freizeit/tickets.html(Line 186) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://impch.tradedoubler.com/imp?type(js)pool(528850)a(1173898)464629033, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.222.ch/katalog/freizeit/tickets.html(Line 186) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://impch.tradedoubler.com/imp?type(js)pool(528850)a(1173898)464629033, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
api.thumbsniper.com
cse.google.com
fonts.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
impch.tradedoubler.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
ticketkorner.ch
tpc.googlesyndication.com
www.222.ch
www.adtracker.ch
www.google.com
www.googletagservices.com
api.thumbsniper.com
135.181.76.204
142.250.180.226
142.250.181.228
142.250.184.202
142.250.184.225
142.250.185.194
142.250.185.198
142.250.185.226
142.250.185.66
142.250.185.98
142.250.186.46
172.217.19.98
35.186.231.97
5.148.168.135
84.16.66.164
080a53c9e74d2ccfd35517c92de6fa61435733524f778b8bf93e7d5d8020d2db
09da166bbd2a7421ea3b4842666bddce3d97c04c95f5e96c464544e1911bdaa3
0c5372c1a8bc11f4e004364b4f9fe8fb2bedd226ed1bba34b557a23450946995
0c66fcd3616e44240cbfc520a273aab0c7f35c1e55c20d893c580e16b7faec19
0d31f9ef5ca01cd58c00ad335e2da1f1da2f24c364dc2a3a71aba824a11a532f
111b3eb17c2ca98a5a9cd56ce1d3a976e4edb48c25eb6ab33785b2dc57fa5655
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
1dbde451f92f45875249b5ae5150c6a3b7c3e22d487146f04ae882743a667f92
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2e895475b32bbc7b6495eabafcec075a779269dd7afbdf69eacfb77f93876119
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
4af1df5a2f448e2197cd83518d19146b94c5ab3b2a357479f8d833ec2bb5b02e
4e890ccac9b39999fe735391c29266f342fdac25328f1c5042e3cc6621139a39
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
56aa89de7f211bf4535a47ffaa228ffbe310e82832db6fc845226fdc73377529
6e6e71e299d83c893de6d684ef0d6dd5ede71840753a76bdb211fea1581ecfb1
707c2a7f567565aa3f42b79dc5c0acde873e04dfd9d24b31e5daf40196fc3d5b
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
752cf8cbddcefd51e40af46c836bf2351db1b36e4ed6f3f3ca0171a93c2c0ace
7848ea87aa388f9134fd4a9ea84db4615ef1e4d623aae7cdfa641cfb3aeffd89
83521d0af8359501b043cf385715fb88a47ca2bf49e5d0072b46229230f81714
91159d29398f8658ba786a663518da08b05681c305df38158865916e23552bf3
9a0a1c19e29015831b6eaaec47f1bc4c2b3cbb64478e42c9edf5851ba472466f
9b133bdf427e37bc4476033f894114958948b4eecf518f040314f6ae737b701f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a
aa1586c95772d9da25c9797ef220c379fea5b5c932b82cd4827f187031a8ca41
aeaa1008e3dde9bd88972aa821f05b68a4741eb39599a45287daf658b8ad5779
af5489fa46fd15503d7210f4502b593889d80df5358a2f3bf6611282bd60b8a1
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792
d2568c052b452231835fe2dba24a62b753e2c153735dcced63aab0005ec06a60
da25f236ac92d413cd2e4011f606631189bfa710de741a352823b3759c378753
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
f1f3853dc454a5e29463bbf147265d18922543efd60bef8112deb0ccdf1ce703
fc8bce6b98f344ceb503d0c7c623ecf395808995efd843d616c3e7ab401a116f

www.222.ch Open in urlscan Pro 135.181.76.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

47 Requests

77 %HTTPS

0 %IPv6

12 Domains

16 Subdomains

15 IPs

3 Countries

507 kBTransfer

1209 kBSize

5 Cookies

4 Outgoing links

Page URL History

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.222.ch Open in urlscan Pro
135.181.76.204 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

77 %
HTTPS

0 %
IPv6

12
Domains

16
Subdomains

15
IPs

3
Countries

507 kB
Transfer

1209 kB
Size

5
Cookies

47 HTTP transactions
1 data transactions