www.gonser.ch Open in urlscan Pro
18.193.98.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.capitalonebankcard.com/
Effective URL:
https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s...
Submission: On May 04 via api (May 4th 2021, 12:02:50 am UTC) from US

Summary HTTP 209 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 50 IPs in 8 countries across 51 domains to perform 209 HTTP transactions. The main IP is 18.193.98.4, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.gonser.ch.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 10th 2021. Valid for: a year.

This is the only time www.gonser.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	212.32.237.101 212.32.237.101	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.192.210.60 54.192.210.60	16509 (AMAZON-02) (AMAZON-02)
1 1	54.208.107.202 54.208.107.202	14618 (AMAZON-AES) (AMAZON-AES)
2	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700:20:... 2606:4700:20::681a:728	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::ac43:8065	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	84.200.5.215 84.200.5.215	31400 (ACCELERAT...) (ACCELERATED-IT)
21	18.193.98.4 18.193.98.4	16509 (AMAZON-02) (AMAZON-02)
29	52.222.183.22 52.222.183.22	16509 (AMAZON-02) (AMAZON-02)
2	65.9.84.90 65.9.84.90	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.114.109 151.101.114.109	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a01:ab20:0:2... 2a01:ab20:0:203::52	47302 (CYON) (CYON)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:2600:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a04:4e42:1b::84 2a04:4e42:1b::84	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
68	65.9.66.75 65.9.66.75	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
1	195.201.108.174 195.201.108.174	24940 (HETZNER-AS) (HETZNER-AS)
1 2	94.130.102.164 94.130.102.164	24940 (HETZNER-AS) (HETZNER-AS)
3 5	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2	37.157.6.236 37.157.6.236	198622 (ADFORM) (ADFORM)
1 2	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
7	2606:4700:303... 2606:4700:3039::6815:c056	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
2	212.48.120.130 212.48.120.130	8893 (ARTFILES-...) (ARTFILES-AS Artfiles New Media GmbH)
1 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.255.138.57 34.255.138.57	16509 (AMAZON-02) (AMAZON-02)
2	104.79.88.164 104.79.88.164	16625 (AKAMAI-AS) (AKAMAI-AS)
10 12	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	3.94.218.138 3.94.218.138	14618 (AMAZON-AES) (AMAZON-AES)
1 1	212.83.50.108 212.83.50.108	47447 (TTM) (TTM)
2 2	3.123.96.39 3.123.96.39	16509 (AMAZON-02) (AMAZON-02)
2 3	18.195.54.133 18.195.54.133	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.112 85.114.159.112	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	18.184.22.220 18.184.22.220	16509 (AMAZON-02) (AMAZON-02)
1	54.153.123.185 54.153.123.185	16509 (AMAZON-02) (AMAZON-02)
1	99.86.2.80 99.86.2.80	16509 (AMAZON-02) (AMAZON-02)
1 1	146.148.21.162 146.148.21.162	15169 (GOOGLE) (GOOGLE)
2 2	3.123.78.164 3.123.78.164	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	85.215.5.31 85.215.5.31	6724 (STRATO ST...) (STRATO STRATO AG)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	18.215.11.20 18.215.11.20	14618 (AMAZON-AES) (AMAZON-AES)
2	34.204.215.213 34.204.215.213	14618 (AMAZON-AES) (AMAZON-AES)
2	52.0.189.149 52.0.189.149	14618 (AMAZON-AES) (AMAZON-AES)
209	50

1 212.32.237.101 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

www.capitalonebankcard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.210.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-210-60.ham50.r.cloudfront.net

r.lnk8j7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.107.202 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

kamala-cha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:728 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.searchfor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:8065 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.smartredirect.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 2 redirects

ASN31400 (ACCELERATED-IT, DE)

cct.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cct.gonser.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tc.connects.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lacmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.193.98.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com

www.gonser.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 52.222.183.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-183-22.ham50.r.cloudfront.net

cdn10.plentymarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.84.90 (United States)

ASN16509 (AMAZON-02, US)

cdn02.plentymarkets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.findologic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:ab20:0:203::52 (Switzerland)

ASN47302 (CYON, CH)

gonser-services.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:2600:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 65.9.66.75 (United States)

ASN16509 (AMAZON-02, US)

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.108.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.108.201.195.clients.your-server.de

static.newsletter2go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.102.164 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.236 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.236 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.63.157 (Lingenfeld, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3039::6815:c056 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.48.120.130 (Hamburg, Germany)

ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE)
PTR: lb.usemaxserver.de

www.usemax.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.usemaxserver.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.138.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-138-57.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.79.88.164 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-88-164.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.230 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4780959.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.94.218.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

metrics.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.50.108 (Germany) 1 redirects

ASN47447 (TTM, DE)

r.adserver01.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.96.39 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.54.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.112 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

ad11.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.22.220 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

secure.converto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.153.123.185 (San Jose, United States)

ASN16509 (AMAZON-02, US)

saxp.zedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.2.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-80.fra6.r.cloudfront.net

embeds.driftcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.148.21.162 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

dmp.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.78.164 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.246 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Germany) 1 redirects

ASN6724 (STRATO STRATO AG, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.215.11.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

bootstrap.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.215.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-215-213.compute-1.amazonaws.com

targeting.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.189.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

event.api.drift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	driftt.com js.driftt.com	746 KB
31	plentymarkets.com cdn10.plentymarkets.com cdn02.plentymarkets.com	2 MB
22	gonser.ch 1 redirects cct.gonser.ch www.gonser.ch	296 KB
15	doubleclick.net 12 redirects stats.g.doubleclick.net 5994599.fls.doubleclick.net ad.doubleclick.net 4780959.fls.doubleclick.net cm.g.doubleclick.net	3 KB
11	drift.com metrics.api.drift.com bootstrap.api.drift.com targeting.api.drift.com event.api.drift.com	5 KB
7	ad4m.at ad4m.at as.ad4m.at	18 KB
7	adform.net 3 redirects track.adform.net s2.adform.net	59 KB
7	google.com www.google.com adservice.google.com	1 KB
5	gstatic.com fonts.gstatic.com	72 KB
4	adnxs.com 1 redirects acdn.adnxs.com secure.adnxs.com ib.adnxs.com	5 KB
4	pinterest.com ct.pinterest.com	2 KB
4	google-analytics.com www.google-analytics.com	55 KB
3	bidswitch.net 2 redirects x.bidswitch.net	1 KB
3	bing.com bat.bing.com	9 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	adscale.de 2 redirects ih.adscale.de	736 B
2	adition.com 1 redirects ad11.adfarm1.adition.com imagesrv.adition.com	802 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	ad4mat.net 1 redirects ad4mat.net dmp.ad4mat.net	2 KB
2	mathtag.com pixel.mathtag.com	2 KB
2	redintelligence.net 1 redirects hal9000.redintelligence.net	2 KB
2	ad-srv.net 1 redirects ad.ad-srv.net	2 KB
2	facebook.com www.facebook.com	347 B
2	google.de www.google.de adservice.google.de	984 B
2	facebook.net connect.facebook.net	96 KB
2	pinimg.com s.pinimg.com	18 KB
2	findologic.com cdn.findologic.com	11 KB
2	connects.ch 1 redirects cct.connects.ch tc.connects.ch	5 KB
2	searchfor.org 1 redirects www.searchfor.org	4 KB
2	clever-redirect.com clever-redirect.com tracker.clever-redirect.com	763 B
1	twiago.com 1 redirects a.twiago.com	293 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	694 B
1	driftcdn.com embeds.driftcdn.com	3 KB
1	zedo.com saxp.zedo.com	983 B
1	converto.com 1 redirects secure.converto.com	243 B
1	adserver01.de 1 redirects r.adserver01.de	224 B
1	usemaxserver.de www.usemaxserver.de	564 B
1	adsrvr.org insight.adsrvr.org	261 B
1	usemax.de www.usemax.de	812 B
1	lacmp.net www.lacmp.net	5 KB
1	newsletter2go.com static.newsletter2go.com	7 KB
1	dwin1.com www.dwin1.com	7 KB
1	gonser-services.ch gonser-services.ch	843 B
1	googletagmanager.com www.googletagmanager.com	57 KB
1	jsdelivr.net cdn.jsdelivr.net	17 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
1	smartredirect.de 1 redirects www.smartredirect.de	918 B
1	kamala-cha.com 1 redirects kamala-cha.com	466 B
1	lnk8j7.com r.lnk8j7.com	1023 B
1	capitalonebankcard.com 1 redirects www.capitalonebankcard.com	463 B
209	51

	Domain	Requested by
68	js.driftt.com	r.lnk8j7.com js.driftt.com
29	cdn10.plentymarkets.com	www.gonser.ch cdn10.plentymarkets.com
21	www.gonser.ch	www.searchfor.org www.gonser.ch cdn10.plentymarkets.com
8	ad.doubleclick.net	8 redirects
6	metrics.api.drift.com	js.driftt.com
6	adservice.google.com	ad.ad-srv.net 5994599.fls.doubleclick.net www.gonser.ch 4780959.fls.doubleclick.net
5	track.adform.net	3 redirects www.gonser.ch track.adform.net
5	fonts.gstatic.com	fonts.googleapis.com
4	as.ad4m.at	www.gonser.ch
4	ct.pinterest.com	s.pinimg.com www.gonser.ch
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.gonser.ch
3	x.bidswitch.net	2 redirects www.gonser.ch
3	ad4m.at	r.lnk8j7.com ad4m.at www.gonser.ch
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.gonser.ch
3	fonts.googleapis.com	cdn10.plentymarkets.com js.driftt.com
2	event.api.drift.com	js.driftt.com
2	targeting.api.drift.com	js.driftt.com
2	dsum-sec.casalemedia.com	1 redirects www.gonser.ch
2	ih.adscale.de	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ads.creative-serving.com	2 redirects
2	4780959.fls.doubleclick.net	1 redirects ad.ad-srv.net
2	5994599.fls.doubleclick.net	1 redirects hal9000.redintelligence.net
2	pixel.mathtag.com	hal9000.redintelligence.net
2	secure.adnxs.com	1 redirects ad.ad-srv.net
2	hal9000.redintelligence.net	1 redirects r.lnk8j7.com
2	s2.adform.net	www.gonser.ch hal9000.redintelligence.net
2	ad.ad-srv.net	1 redirects r.lnk8j7.com
2	www.facebook.com	www.gonser.ch
2	connect.facebook.net	r.lnk8j7.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	cdn.findologic.com	www.gonser.ch cdn.findologic.com
2	cdn02.plentymarkets.com	www.gonser.ch
2	www.searchfor.org	1 redirects
1	bootstrap.api.drift.com	js.driftt.com
1	adservice.google.de	adservice.google.com
1	a.twiago.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	dmp.ad4mat.net	1 redirects
1	embeds.driftcdn.com	js.driftt.com
1	saxp.zedo.com	www.gonser.ch
1	secure.converto.com	1 redirects
1	imagesrv.adition.com	www.gonser.ch
1	ad11.adfarm1.adition.com	1 redirects
1	r.adserver01.de	1 redirects
1	www.usemaxserver.de	www.usemax.de
1	ad4mat.net	ad4m.at
1	ib.adnxs.com	www.gonser.ch
1	insight.adsrvr.org	ad.ad-srv.net
1	www.usemax.de	ad.ad-srv.net
1	acdn.adnxs.com	www.gonser.ch
1	www.lacmp.net	tc.connects.ch
1	static.newsletter2go.com	www.gonser.ch
1	www.google.de	www.gonser.ch
1	www.google.com	www.gonser.ch
1	stats.g.doubleclick.net	www.google-analytics.com
1	tc.connects.ch	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	gonser-services.ch	cdn10.plentymarkets.com
1	www.googletagmanager.com	www.gonser.ch
1	cdn.jsdelivr.net	www.gonser.ch
1	cdnjs.cloudflare.com	www.gonser.ch
1	cct.gonser.ch	1 redirects
1	cct.connects.ch	1 redirects
1	www.smartredirect.de	1 redirects
1	tracker.clever-redirect.com
1	clever-redirect.com	r.lnk8j7.com
1	kamala-cha.com	1 redirects
1	r.lnk8j7.com
1	www.capitalonebankcard.com	1 redirects
209	70

This site contains links to these domains. Also see Links.

Domain
charity.gonser.ch
hubs.gonser.ch
www.facebook.com

Subject Issuer	Validity	Valid
lnk8j7.com Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
tracker.clever-redirect.com R3	`2021-04-12` - `2021-07-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
www.gonser.ch Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
cdn10.plentymarkets.com Amazon	`2021-03-18` - `2022-04-16`	a year	crt.sh
*.plentymarkets.com Amazon	`2021-03-01` - `2022-03-29`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-03` - `2022-03-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
1470211240.rsc.cdn77.org R3	`2021-04-24` - `2021-07-23`	3 months	crt.sh
gonser-services.ch R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh
*.dwin1.com Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
tc.connects.ch R3	`2021-03-25` - `2021-06-23`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.newsletter2go.com RapidSSL TLS RSA CA G1	`2020-05-31` - `2022-05-31`	2 years	crt.sh
www.lacmp.net R3	`2021-03-25` - `2021-06-23`	3 months	crt.sh
ad-srv.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
redintelligence.net R3	`2021-04-21` - `2021-07-20`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
usemax.de Sectigo RSA Domain Validation Secure Server CA	`2019-11-04` - `2021-11-07`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
usemaxserver.de Sectigo RSA Domain Validation Secure Server CA	`2020-06-22` - `2021-06-22`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
saxp.zedo.com Go Daddy Secure Certificate Authority - G2	`2020-04-08` - `2022-06-07`	2 years	crt.sh
*.driftcdn.com Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Frame ID: A8741633B853F88591AAC7CE2EE5E3EA
Requests: 95 HTTP requests in this frame

Frame: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
Frame ID: 6E5FF3458C1D232B1DBCFC9BF9577674
Requests: 35 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat
Frame ID: EAAB72641BB742434DE1312C7E5D7E54
Requests: 43 HTTP requests in this frame

Frame: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Frame ID: 9D8BBC5DBDDF59618C55C221190936C2
Requests: 5 HTTP requests in this frame

Frame: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Frame ID: 4350732F5453ED43344FD1E09C19A560
Requests: 17 HTTP requests in this frame

Frame: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Frame ID: 7634036EA03BB20890A6E30B508093E0
Requests: 5 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 0F0D4F33D40FBC88B4CF2AD36A0260A6
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817
Frame ID: A5998299EFA3F74A7E7126F24D4AE3D1
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 1B94B25466B8BAEAE37224317DDA7CF8
Requests: 1 HTTP requests in this frame

Frame: https://www.usemaxserver.de/rt.php?ext_i=4866577946&ext_domain=1
Frame ID: 69F3B9444C928ED888CC0D752146F08E
Requests: 1 HTTP requests in this frame

Frame: https://4780959.fls.doubleclick.net/activityi;dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968
Frame ID: 11809A7D80B472D5B99A2571160CE5FF
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal9000.redintelligence.net/
Frame ID: A7383EE96576EA92264D4B7DF742F399
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal9000.redintelligence.net/
Frame ID: D6B38FF1F6212EF3388EDCBD7C43816D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.capitalonebankcard.com/ HTTP 302
https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign... Page URL
https://kamala-cha.com/zcvisitor/02ff3ff0-ac6c-11eb-8444-0ad7d29af651/1fe9cab0-90fa-11e9-a574-0a15c... HTTP 302
https://clever-redirect.com/s/ra?s=r6a Page URL
https://tracker.clever-redirect.com/?u=https%3A%2F%2Fwww.searchfor.org%2Fin%3Fp%3D4%26d%3Dgonser.ch%26s%3D728a50... Page URL
https://www.searchfor.org/in?p=4&d=gonser.ch&s=728a50172be8d45fa67a970acfcb6378 HTTP 302
https://www.searchfor.org/ Page URL
https://www.smartredirect.de/redir/clickGate.php?u=i4Stw485&m=1&p=7FtxL3PGAW&t=crFCP6D0&s=4_6088b58e37009... HTTP 302
https://cct.connects.ch/tc.php?t=116625C1843151959BT&subid=at106772_a125186_m1_p25416_t10276_cDE_s4_... HTTP 302
https://cct.gonser.ch/tc.php?sdtr=1&t=116625C1843151959BT&subid=at106772_a125186_m1_p25416_t10276_... HTTP 302
https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1... Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

209
Requests

100 %
HTTPS

34 %
IPv6

51
Domains

70
Subdomains

50
IPs

8
Countries

4052 kB
Transfer

6902 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://charity.gonser.ch/
Title: Charity

Search URL Search Domain Scan URL

URL: http://hubs.gonser.ch/
Title: Charity

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gonser.ch

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.capitalonebankcard.com/ HTTP 302
https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB Page URL
https://kamala-cha.com/zcvisitor/02ff3ff0-ac6c-11eb-8444-0ad7d29af651/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=656a8050-9dfc-11eb-a408-125350acfc3d HTTP 302
https://clever-redirect.com/s/ra?s=r6a Page URL
https://tracker.clever-redirect.com/?u=https%3A%2F%2Fwww.searchfor.org%2Fin%3Fp%3D4%26d%3Dgonser.ch%26s%3D728a50172be8d45fa67a970acfcb6378&h=4fbddfff1dd6830d501de7db8a674b70 Page URL
https://www.searchfor.org/in?p=4&d=gonser.ch&s=728a50172be8d45fa67a970acfcb6378 HTTP 302
https://www.searchfor.org/ Page URL
https://www.smartredirect.de/redir/clickGate.php?u=i4Stw485&m=1&p=7FtxL3PGAW&t=crFCP6D0&s=4_6088b58e37009&url=https%3A%2F%2Fwww.gonser.ch&r=https%3A%2F%2Fwww.searchfor.org HTTP 302
https://cct.connects.ch/tc.php?t=116625C1843151959BT&subid=at106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009 HTTP 302
https://cct.gonser.ch/tc.php?sdtr=1&t=116625C1843151959BT&subid=at106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009 HTTP 302
https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.capitalonebankcard.com/ HTTP 302
https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB

Request Chain 1

https://kamala-cha.com/zcvisitor/02ff3ff0-ac6c-11eb-8444-0ad7d29af651/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=656a8050-9dfc-11eb-a408-125350acfc3d HTTP 302
https://clever-redirect.com/s/ra?s=r6a

Request Chain 3

https://www.searchfor.org/in?p=4&d=gonser.ch&s=728a50172be8d45fa67a970acfcb6378 HTTP 302
https://www.searchfor.org/

Request Chain 124

https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1

Request Chain 125

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 126

https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent= HTTP 302
https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1

Request Chain 141

https://secure.adnxs.com/seg?add=24823586&t=2&gdpr=0&gdpr_consent= HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24823586%26t%3D2%26gdpr%3D0%26gdpr_consent%3D

Request Chain 144

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 145

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817

Request Chain 172

https://track.adform.net/Serving/TrackPoint/?pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=15437715780&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.searchfor.org%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=15437715780&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.searchfor.org%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate

Request Chain 177

https://ad.doubleclick.net/ddm/activity/src=9949552;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=3149783219420.61 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9949552;dc_pre=CJy2md3crvACFQ_7sgodz0YP-A;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=3149783219420.61 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CJy2md3crvACFQ_7sgodz0YP-A;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=3149783219420.61

Request Chain 178

https://4780959.fls.doubleclick.net/activityi;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968 HTTP 302
https://4780959.fls.doubleclick.net/activityi;dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968

Request Chain 180

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CIq2n93crvACFaBGkQUdfYUAIw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CIq2n93crvACFaBGkQUdfYUAIw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1

Request Chain 181

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CL28n93crvACFZXhsgoduLsGfA;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CL28n93crvACFZXhsgoduLsGfA;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 183

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CNrQn93crvACFZWBsgodWRUPIg;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CNrQn93crvACFZWBsgodWRUPIg;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 188

https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent= HTTP 302
https://ads.creative-serving.com/pixel?id=3158229 HTTP 302
https://ads.creative-serving.com/ul_cb/pixel?id=3158229 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=b74c6d08-c915-42dd-991d-83d73e2b5215&ssp=&expires=30&user_group=2&cb=209 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=b74c6d08-c915-42dd-991d-83d73e2b5215&ssp=&expires=30&user_group=2&cb=209 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=oMPmwAHlQFO1kANt9CNA5A== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHoi_kNjHfU0ZcUDP3BkcXA&google_cver=1

Request Chain 189

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2 HTTP 302
https://imagesrv.adition.com/1x1.gif

Request Chain 190

https://secure.converto.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1 HTTP 302
https://saxp.zedo.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&c=1 HTTP 302
https://dmp.ad4mat.net/pixel?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&c=1&google_gid=CAESEBWuw2Ji-9AIldvaQjekx2c&google_cver=1 HTTP 302
https://ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=CAESEBWuw2Ji-9AIldvaQjekx2c&c=1

Request Chain 193

https://ih.adscale.de/tpui?tpid=25&tpuid=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DAHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH%26b%3D__ADSCALE_USER_ID__%26c%3D6 HTTP 302
https://ih.adscale.de/tpui?tpid=25&tpuid=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DAHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&uu=29d4f5d35fce41d28af29944d3cd2329 HTTP 307
https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=609bea3f23e1641c74cacb48a81317da9f8e38ab52019a3bab425ab0f8452e41&c=6

Request Chain 194

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DAHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH%26c%3D9%26b%3DSMART_USER_ID HTTP 302
https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&c=9&b=5683570591374680750

Request Chain 195

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&C=1

Request Chain 196

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DAHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH%26b%3D%25userid%25%26c%3D7 HTTP 302
https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=ad2802bd69279dbe32471312ef2a620c5b27e706ee9d1d77a71ae0ae8998d&c=7

209 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

fJoGTf5ZnnYKYeKGfzUgo Show response
r.lnk8j7.com/link/br/
Redirect Chain

http://www.capitalonebankcard.com/
https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB

995 B
1023 B

415ms
343ms

Document
text/html

54.192.210.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.210.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-210-60.ham50.r.cloudfront.net
Software: / Express
Resource Hash: 9d3e183f345640bea2f2fe0ae6688a4696e24a7ba06bb762aa8325d94233cc43

Request headers

:method: GET
:authority: r.lnk8j7.com
:scheme: https
:path: /link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
content-length: 413
date: Tue, 04 May 2021 00:02:28 GMT
x-amzn-requestid: 5f8fb335-42b1-4021-96dc-b3edaf4fff33
referrer-policy: none no-referrer none, no-referrer
content-encoding: gzip
surrogate-control: no-store
x-amzn-remapped-content-length: 995
x-amz-apigw-id: extLQFciIAMFl9A=
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
expires: 0
etag: W/"3e3-/ZRaxp2GAVbHW15teezpaQNi8/g"
x-powered-by: Express
x-amzn-trace-id: Root=1-60908f14-00b6a29a29febaf920f5fcb2;Sampled=0
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 f2bfcb0e5eaa96cb4b9aaa38ccd55547.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: jVFwxDIU6BIJ9FgOi1aw1jNIe0HVSYGLPimSjPCXFvkVLF2OnjLBGg==

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 04 May 2021 00:02:28 GMT
location: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
server: nginx
set-cookie: sid=02a5f200-ac6c-11eb-b69a-14e566fb33c9; path=/; domain=.capitalonebankcard.com; expires=Sun, 22 May 2089 03:16:35 GMT; max-age=2147483647; HttpOnly

GET
H2

200

ra
clever-redirect.com/s/
Redirect Chain

https://kamala-cha.com/zcvisitor/02ff3ff0-ac6c-11eb-8444-0ad7d29af651/1fe9cab0-90fa-11e9-a574-0a15cb739170?campaignid=656a8050-9dfc-11eb-a408-125350acfc3d
https://clever-redirect.com/s/ra?s=r6a

382 B
534 B

128ms
39ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/ra?s=r6a
Requested by: Host: r.lnk8j7.com
URL: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.46 (codeit) OpenSSL/1.1.1i PHP/7.4.15 / PHP/7.4.15
Resource Hash

Request headers

:method: GET
:authority: clever-redirect.com
:scheme: https
:path: /s/ra?s=r6a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB

Response headers

date: Tue, 04 May 2021 00:02:29 GMT
server: Apache/2.4.46 (codeit) OpenSSL/1.1.1i PHP/7.4.15
referrer-policy: no-referrer
x-powered-by: PHP/7.4.15
content-length: 382
content-type: text/html; charset=UTF-8

Redirect headers

date: Tue, 04 May 2021 00:02:29 GMT
content-length: 0
location: https://clever-redirect.com/s/ra?s=r6a
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: ZeroPark-Traffic

GET
H2 200 / Show response
tracker.clever-redirect.com/ 200 B
229 B 47ms
32ms Document
text/html 78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.clever-redirect.com/?u=https%3A%2F%2Fwww.searchfor.org%2Fin%3Fp%3D4%26d%3Dgonser.ch%26s%3D728a50172be8d45fa67a970acfcb6378&h=4fbddfff1dd6830d501de7db8a674b70
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.46 (codeit) OpenSSL/1.1.1i PHP/7.4.15 / PHP/7.4.15
Resource Hash: 170c9486f56ff28c3fb7c31c307ab8c7f73b00cf8dc462e0c7c4d9f97f5dd7a7

Request headers

:method: GET
:authority: tracker.clever-redirect.com
:scheme: https
:path: /?u=https%3A%2F%2Fwww.searchfor.org%2Fin%3Fp%3D4%26d%3Dgonser.ch%26s%3D728a50172be8d45fa67a970acfcb6378&h=4fbddfff1dd6830d501de7db8a674b70
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:29 GMT
server: Apache/2.4.46 (codeit) OpenSSL/1.1.1i PHP/7.4.15
referrer-policy: no-referrer
x-powered-by: PHP/7.4.15
content-length: 200
content-type: text/html; charset=UTF-8

GET
H2

200

/
www.searchfor.org/
Redirect Chain

https://www.searchfor.org/in?p=4&d=gonser.ch&s=728a50172be8d45fa67a970acfcb6378
https://www.searchfor.org/

1 KB
2 KB

99ms
98ms

Document
text/html

2606:4700:20::681a:728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.searchfor.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: www.searchfor.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dc55cc783e87782309da7dbcb887e84771620086549; XSRF-TOKEN=eyJpdiI6ImNKY1pDaHlnOFErS0lOU2JnNzFzYXc9PSIsInZhbHVlIjoiemZSdDhVNEJEUEMydERkcThWbGdZMU1sWXYzK2dtY255UDBOMXp0NHhUNkVKZlVWclZvTFViemxFL0NuYk1OcTEzSXR0NWFUdDc1WVh5QXBoaUZJcVp2T09oOXprSStKVXkwbk9SekEzdDdVM2FwUk51WGU1bzlCSXFMSlI0eUQiLCJtYWMiOiJiZDhmNjUxOTM4ZTE5OTU4MDk2Y2RlNmVjNDQ1MWVmMDZjOTQyYzFiOGEzNzkwOGM3OWE0NmFjOTRiMjEwYTJiIn0%3D; searchfor_session=eyJpdiI6InpuZFNkVFp3djAvOUlldmZrc2tTVHc9PSIsInZhbHVlIjoiOWpEd2wyMGp6bzBQbXB5NUNjTkpMbHBhdUlvQW1MQUhtdEZOcnJGSm9BeGZlOGcwSUU1TFRFcUI0RkwrTXQ4MVpzK1V3Z1gyLzZTcmlIQThSOURId3RlbitBRXpBYlNoUVlBRTFaQ0tuSlZrdFA1d3JJMGh3SEhoNDhqa3lqSVkiLCJtYWMiOiI0NjE4OTNkMjVkM2FiNjZmNjg0NGFjMTk1ZWM2MGY1Y2ViZTAxZTE0NWE2MjRhOGEwNWE3MjFmNjQyODdhZWRjIn0%3D; lang=en; charity=charity-pool; pid=eyJpdiI6Ilpya0xsTXJ3azNna21JUlhldmVMdXc9PSIsInZhbHVlIjoiVVVDTm5HZ1NxNEp0bUhybjdPYjNHOExkb28yZ25FUktzbUJJaDV6NUY4WUROeDhTZnBiUTJFcjMxOE11aHgxRCIsIm1hYyI6IjU2OGEyNmY0NTA5MThjZWIwZWUwZjAzMzQ0MzIzYWQxYmQ0OWQ3MWYxNjFiN2VlN2M3YTRlYTFiNmY4NzA3M2EifQ%3D%3D; d=eyJpdiI6Imh4WFl6K2hrbWJsR3Jlak9Ld3BuNlE9PSIsInZhbHVlIjoib3dnQVc4Yk5QQ0lMUEJGMWxITzkyLzlpZzdmRlNIb0VORGxqSXd2b0d4Z1lBOVR6cXpBcW5YTVVJOFBVaE9RNUw3SFhFZVR0OVA5T2JmZXU2eEZudXc9PSIsIm1hYyI6IjM5ZGEyYTE0NTRmYjBkNmIwYmQzYzFmYzhmODVkOTA5ZDFjZGFhMWU5NDkyNjdkYTA5MTU5MDQyMjNjNTEwMzQifQ%3D%3D; sid=eyJpdiI6Ikd2REpONnRpUVZONnQzZkNXK0hPc0E9PSIsInZhbHVlIjoiYlR1elBTc3FkUGYrUWgxRFkrWHphb3BMQXgwR2tJczZqSTFKTWw4N1JhakRwejZmd0J5OG9jRm1XMzJCKzAveVQrYkxnOXJFMVBaTHdPUm13OUlMOHc9PSIsIm1hYyI6ImFiMDRlMzE1YTY3NjFhNWQyMGYwNWY2NTlkNmExMWI1ZGYxZjZmMmE3NzViMDY3NDg4MjIxMzY0ZjA2ZDAwODYifQ%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://tracker.clever-redirect.com/?u=https%3A%2F%2Fwww.searchfor.org%2Fin%3Fp%3D4%26d%3Dgonser.ch%26s%3D728a50172be8d45fa67a970acfcb6378&h=4fbddfff1dd6830d501de7db8a674b70

Response headers

date: Tue, 04 May 2021 00:02:29 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImZOemR4alZQRGphU1VURG0xY2N6dmc9PSIsInZhbHVlIjoiYWUvOW9sYjNGMnRiTzNISnhsUFpTTDF5NVlqSXJvL2ZVSmhhZUtzb0pycFVKTnhnS0pNazRicTFER3lpL2M2NlF0U014WEVsM0k2TDNDREJ3NXB1MlRxQ3ZmMkwrOFFNZkxyYU5DOEYweHE5aW5kdjd0VEhLY3crdGVaWjBOdmgiLCJtYWMiOiJmNjA1NmY5ZmQ1MWIxNTAxMWJhMmU2ZTAwYTI5YTEwMWIzZWY2OWEwMjVmYTU5ODg2NjExMDdlZTQyMjczMzMxIn0%3D; expires=Tue, 04-May-2021 02:02:29 GMT; Max-Age=7200; path=/; domain=.searchfor.org; secure; samesite=none searchfor_session=eyJpdiI6IlZ1YnZJWE1XblV1R2ZFR01NUEw0OVE9PSIsInZhbHVlIjoiZ01CcCtIKzZPamVuUHhwamR1bXlNY2srTC9wdXR4ZGpJcFBrWTlhZHNobE5xVFAzREMwbXdPblVLTHlFQlNYUE1pWGNhNEdCYkNLb1E0NzVnSVFVcUVBZGN5QWNUR0JNNzdzWmFtak54UVFoYkJuVjVaYnkyQkFIaGZ4bFZDRjciLCJtYWMiOiI5NDE0NmUzNGMzZDliYTQ1ODlhMGYzNjc5MTk5ZTY0YjRkMGJkM2UxMDRmOGI1ZTdkMDQ0ZDJhZTFhOWZmNGUzIn0%3D; expires=Tue, 04-May-2021 02:02:29 GMT; Max-Age=7200; path=/; domain=.searchfor.org; secure; httponly; samesite=none language=en; path=/; domain=.searchfor.org; secure; httponly; samesite=none country=de; path=/; domain=.searchfor.org; secure; httponly; samesite=none charity=charity-pool; path=/; domain=.searchfor.org; secure; httponly; samesite=none
cf-cache-status: DYNAMIC
cf-request-id: 09d648042600002bb96e228000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FqLTatQPD773AhB4OkY2ph1CsXAq3FUbBAcXbIUhF12vVidItjffx2i7ZRbjgjr1%2FfkK7AV8JIPWSV631NM7haI6rCFru7u3luXWKwwAyEymg2w%2B09du9Wr2YHKRyA%3D%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 649d75e6ae362bb9-FRA
content-encoding: br

Redirect headers

date: Tue, 04 May 2021 00:02:29 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc55cc783e87782309da7dbcb887e84771620086549; expires=Thu, 03-Jun-21 00:02:29 GMT; path=/; domain=.searchfor.org; HttpOnly; SameSite=Lax; Secure XSRF-TOKEN=eyJpdiI6ImNKY1pDaHlnOFErS0lOU2JnNzFzYXc9PSIsInZhbHVlIjoiemZSdDhVNEJEUEMydERkcThWbGdZMU1sWXYzK2dtY255UDBOMXp0NHhUNkVKZlVWclZvTFViemxFL0NuYk1OcTEzSXR0NWFUdDc1WVh5QXBoaUZJcVp2T09oOXprSStKVXkwbk9SekEzdDdVM2FwUk51WGU1bzlCSXFMSlI0eUQiLCJtYWMiOiJiZDhmNjUxOTM4ZTE5OTU4MDk2Y2RlNmVjNDQ1MWVmMDZjOTQyYzFiOGEzNzkwOGM3OWE0NmFjOTRiMjEwYTJiIn0%3D; expires=Tue, 04-May-2021 02:02:29 GMT; Max-Age=7200; path=/; domain=.searchfor.org; secure; samesite=none searchfor_session=eyJpdiI6InpuZFNkVFp3djAvOUlldmZrc2tTVHc9PSIsInZhbHVlIjoiOWpEd2wyMGp6bzBQbXB5NUNjTkpMbHBhdUlvQW1MQUhtdEZOcnJGSm9BeGZlOGcwSUU1TFRFcUI0RkwrTXQ4MVpzK1V3Z1gyLzZTcmlIQThSOURId3RlbitBRXpBYlNoUVlBRTFaQ0tuSlZrdFA1d3JJMGh3SEhoNDhqa3lqSVkiLCJtYWMiOiI0NjE4OTNkMjVkM2FiNjZmNjg0NGFjMTk1ZWM2MGY1Y2ViZTAxZTE0NWE2MjRhOGEwNWE3MjFmNjQyODdhZWRjIn0%3D; expires=Tue, 04-May-2021 02:02:29 GMT; Max-Age=7200; path=/; domain=.searchfor.org; secure; httponly; samesite=none lang=en; expires=Wed, 04-May-2022 00:02:29 GMT; Max-Age=31536000; path=/; domain=.searchfor.org; secure; httponly; samesite=none charity=charity-pool; expires=Sat, 03-May-5102 02:31:29 GMT; Max-Age=97226792940; path=/; domain=.searchfor.org; secure; httponly; samesite=none pid=eyJpdiI6Ilpya0xsTXJ3azNna21JUlhldmVMdXc9PSIsInZhbHVlIjoiVVVDTm5HZ1NxNEp0bUhybjdPYjNHOExkb28yZ25FUktzbUJJaDV6NUY4WUROeDhTZnBiUTJFcjMxOE11aHgxRCIsIm1hYyI6IjU2OGEyNmY0NTA5MThjZWIwZWUwZjAzMzQ0MzIzYWQxYmQ0OWQ3MWYxNjFiN2VlN2M3YTRlYTFiNmY4NzA3M2EifQ%3D%3D; expires=Sat, 03-May-5102 02:31:29 GMT; Max-Age=97226792940; path=/; domain=.searchfor.org; secure; httponly; samesite=none d=eyJpdiI6Imh4WFl6K2hrbWJsR3Jlak9Ld3BuNlE9PSIsInZhbHVlIjoib3dnQVc4Yk5QQ0lMUEJGMWxITzkyLzlpZzdmRlNIb0VORGxqSXd2b0d4Z1lBOVR6cXpBcW5YTVVJOFBVaE9RNUw3SFhFZVR0OVA5T2JmZXU2eEZudXc9PSIsIm1hYyI6IjM5ZGEyYTE0NTRmYjBkNmIwYmQzYzFmYzhmODVkOTA5ZDFjZGFhMWU5NDkyNjdkYTA5MTU5MDQyMjNjNTEwMzQifQ%3D%3D; expires=Sat, 03-May-5102 02:31:29 GMT; Max-Age=97226792940; path=/; domain=.searchfor.org; secure; httponly; samesite=none sid=eyJpdiI6Ikd2REpONnRpUVZONnQzZkNXK0hPc0E9PSIsInZhbHVlIjoiYlR1elBTc3FkUGYrUWgxRFkrWHphb3BMQXgwR2tJczZqSTFKTWw4N1JhakRwejZmd0J5OG9jRm1XMzJCKzAveVQrYkxnOXJFMVBaTHdPUm13OUlMOHc9PSIsIm1hYyI6ImFiMDRlMzE1YTY3NjFhNWQyMGYwNWY2NTlkNmExMWI1ZGYxZjZmMmE3NzViMDY3NDg4MjIxMzY0ZjA2ZDAwODYifQ%3D%3D; expires=Sat, 03-May-5102 02:31:29 GMT; Max-Age=97226792940; path=/; domain=.searchfor.org; secure; httponly; samesite=none
cache-control: no-cache, private
location: https://www.searchfor.org
cf-cache-status: DYNAMIC
cf-request-id: 09d64803c400002bb906bec000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qUaAVGRBIN4y17ZR15ltycbYTsS6I3cMkYD5snJFKsDyPQjVqn5M4KpPgIr5iMMZXDjlXheHqDNZx%2FzF%2BY%2FCgjsNZJGqr5ggp4cAJQj1zE%2FWLoJF2iIV9flSez%2FEuw%3D%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 649d75e60d652bb9-FRA

GET
H2

200

Primary Request / Show response
www.gonser.ch/
Redirect Chain

https://www.smartredirect.de/redir/clickGate.php?u=i4Stw485&m=1&p=7FtxL3PGAW&t=crFCP6D0&s=4_6088b58e37009&url=https%3A%2F%2Fwww.gonser.ch&r=https%3A%2F%2Fwww.searchfor.org
https://cct.connects.ch/tc.php?t=116625C1843151959BT&subid=at106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009
https://cct.gonser.ch/tc.php?sdtr=1&t=116625C1843151959BT&subid=at106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009
https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate

564 KB
76 KB

694ms
626ms

Document
text/html

18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate

Requested by

Host: www.searchfor.org
URL: https://www.searchfor.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-98-4.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cf078d9faa64842b4228004af8bac9181baa732fd0645206c94fa68ecdcb0fc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *.plentymarkets-cloud-10.com

Request headers

:method: GET
:authority: www.gonser.ch
:scheme: https
:path: /?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://www.searchfor.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.searchfor.org/

Response headers

server: nginx
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private,no-store,must-revalidate
date: Tue, 04 May 2021 00:02:30 GMT
x-plenty-shop: Ceres
x-plenty-shop-version: eyJpdiI6ImZ5SGFPSDROa1I4elZcL1c0M0lMYm9RPT0iLCJ2YWx1ZSI6IjVjZ3IrQ0xCbGZsOFBLQW5wajF0S0E9PSIsIm1hYyI6Ijc3MzFmNGZlODYzZDI1MmE1NTY3NjZmM2YwNjEzNGVkOTBmMTM4MmY3NWIxNzJjNmRmYzI5MGJlZDA2NjY5MTkifQ==
x-plenty-shop-stage: production
content-security-policy: frame-ancestors 'self' *.plentymarkets-cloud-10.com
set-cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D; expires=Thu, 12-Aug-2021 00:02:30 GMT; Max-Age=8640000; path=/; domain=.gonser.ch; secure; httponly
pragma: no-cache
content-encoding: gzip

Redirect headers

server: nginx
date: Tue, 04 May 2021 00:02:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=3r92plrv1a21201jibrr8iltfd; path=/; secure pp1843=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009; expires=Tue, 18-May-2021 00:02:30 GMT; Max-Age=1209600; path=/; domain=cct.gonser.ch; SameSite=None; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ceres-icons.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/css/ 65 KB
66 KB 101ms
29ms Stylesheet
text/css 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/css/ceres-icons.css
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7416d49df67c5369a0eea9639bfe455a4233a81964fde164c04d25271d3aabc7

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 06:22:05 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:19 GMT
server: AmazonS3
age: 63626
etag: "18a926a93e30e11746d84ba4c7fe8e8b"
x-cache: Hit from cloudfront
x-amz-version-id: V9dbpcSTtbsnLXW74l7H1sy9Bn6nE1km
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/css
content-length: 67058
x-amz-cf-id: hiGNEfNt5-uHXg1c2VpHzUYL26fNwopy8ZJlMg1jxLVNeYe65dCpGQ==
expires: Tue, 27 Apr 2021 00:11:18 GMT

GET
H2 200 main-base.min.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/ 504 KB
505 KB 99ms
28ms Stylesheet
text/css 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf691a4716b5aee523570a1e7b654d52b5a6a4cb8a9fb1c2011b429a0dea7ff2

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:21:26 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:33 GMT
server: AmazonS3
age: 56465
etag: "80b8415332b7a4ede61d7c2984ceee64"
x-cache: Hit from cloudfront
x-amz-version-id: vo9UqSwYY1bTWeY8fElZYqUUjHkB0gbK
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/css
content-length: 516428
x-amz-cf-id: ngasMTdeCTAfATv_GC3afCdAGhieyzMMyz3WE9sdcPbRCgfdiSWP8Q==
expires: Tue, 27 Apr 2021 00:11:32 GMT

GET
H2 200 main.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/cfourarticlenotifications/css/ 97 B
512 B 100ms
29ms Stylesheet
text/css 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/cfourarticlenotifications/css/main.css
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bbb9aec1d8e82301b7ad4ebc4ffce0b3a638d73f0f612383713b24e15bdc10df

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:21:26 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:32 GMT
server: AmazonS3
age: 56465
etag: "f1e990495842b2c233a4453e28e3a151"
x-cache: Hit from cloudfront
x-amz-version-id: wWRYDsc_KxEz3rQVJMpuJtkhDmjvcocV
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/css
content-length: 97
x-amz-cf-id: 0r2zP1xGW6a280FLBj4D2Jqf-tqUNmTi5g0Z-tXqf4otxgetqPlX5w==
expires: Tue, 27 Apr 2021 00:11:31 GMT

GET
H2 200 findologic.min.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/findologic/css/ 7 KB
7 KB 99ms
28ms Stylesheet
text/css 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/findologic/css/findologic.min.css
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a5cb6f839139172961a3d35b3203f85f6ce4d1e4b96c95825fc1cd870430880

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 06:22:05 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:32 GMT
server: AmazonS3
age: 63626
etag: "7e2339379e0750b1398c3dfda0afded9"
x-cache: Hit from cloudfront
x-amz-version-id: RzDb4ISeSQy5WEnZrJrTmm23soEkGMir
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/css
content-length: 7144
x-amz-cf-id: UeDU1-3GS27XDbDDSW7u-lR56cI8KAnIyHu7J5hFokWFRBLY_50heQ==
expires: Tue, 27 Apr 2021 00:11:31 GMT

GET
H2 200 logo.svg
cdn02.plentymarkets.com/mrt54q44tptl/frontend/ 3 KB
2 KB 100ms
33ms Image
image/svg+xml 65.9.84.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn02.plentymarkets.com/mrt54q44tptl/frontend/logo.svg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ee5517ab0e70d747f3cf7de5ce07bab4e9553eac8b8b51a1315c743791af92d

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tJuzNDFQgsecnPl77RFKwKBJEuw8g8h_
content-encoding: gzip
last-modified: Fri, 08 Mar 2019 15:27:11 GMT
server: AmazonS3
age: 59097
etag: W/"b671cd5b08711865c8e600cdbc514587"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
date: Mon, 03 May 2021 07:37:35 GMT
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: MdfKByIvLPAu6raDBG1anKH8slOqDCuj8QvIemPnloXyXzx939P27g==

GET
H2 200 shopping-cart.png
cdn02.plentymarkets.com/mrt54q44tptl/frontend/ 417 B
869 B 101ms
34ms Image
image/png 65.9.84.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn02.plentymarkets.com/mrt54q44tptl/frontend/shopping-cart.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3322d34e84d3827dc942b20698f825e460f2cb09a03f2b9e4c3f26342240ad1

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 08:47:43 GMT
via: 1.1 9385401cebb473e4ed1da6c81b927c52.cloudfront.net (CloudFront)
age: 141289
x-amz-meta-width: 20
x-cache: Hit from cloudfront
x-amz-meta-height: 16
content-length: 417
last-modified: Mon, 07 Jan 2019 11:22:01 GMT
server: AmazonS3
etag: "99da1241726135979217c06609326dc0"
x-amz-version-id: NJIP47K1teolJk11YcyWRyF8wEu4K.dS
cache-control: max-age=172800
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: kvhRNDdM00ajVfoFDJ5Bbujq5hEhe2YbyAaGsdAudLOF6IMsw813Jg==
expires: Wed, 09 Jan 2019 11:22:00 GMT

GET
H2 200 Startseite_Grill_und_Zubehoer_04-21_DE_Web.jpg
cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/slideshow_2020/ 435 KB
437 KB 37ms
30ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/slideshow_2020/Startseite_Grill_und_Zubehoer_04-21_DE_Web.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f968e31e5ff530e8e45203809c0150f78f669305a5edd40bb509cf7df15387d

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:26:39 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 52553
x-amz-meta-width: 1170
x-cache: Hit from cloudfront
x-amz-meta-height: 454
content-length: 445798
last-modified: Fri, 23 Apr 2021 13:50:03 GMT
server: AmazonS3
etag: "9938b3e36093b19be7c6332afc466ec1"
x-amz-version-id: 9_3r3U8QegWEOBRt_.3i_N5KTd8X26I5
cache-control: max-age=172800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: Xwo2Tl2N_f_xVKr09WA7KG9v5NyOlMWZ_25Uag629Rhwp92EOqRzjQ==
expires: Sun, 25 Apr 2021 13:50:02 GMT

GET
H2 200 zahlart-bankzahlung.png
www.gonser.ch/images/gallery/gonser-2015/zahlarten/ 7 KB
7 KB 28ms
22ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/zahlarten/zahlart-bankzahlung.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 263d71d257e8ffa6aeed6dcc1a9b6fe88b61d38c13181eb00115ced54d4a918a

Request headers

:path: /images/gallery/gonser-2015/zahlarten/zahlart-bankzahlung.png
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Tue, 20 Jan 2015 10:13:57 GMT
server: nginx
etag: "54be2a65-1b20"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 6944
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 zahlart-kreditkarte.png
www.gonser.ch/images/gallery/gonser-2015/zahlarten/ 3 KB
4 KB 29ms
23ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/zahlarten/zahlart-kreditkarte.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 483f498432e2432f9878924f6103c26d3ecf1a71a973ced38d9bec843cfe0297

Request headers

:path: /images/gallery/gonser-2015/zahlarten/zahlart-kreditkarte.png
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Thu, 21 Mar 2019 07:48:21 GMT
server: nginx
etag: "5c9341c5-d91"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 3473
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 zahlart-paypal.png
www.gonser.ch/images/gallery/gonser-2015/zahlarten/ 2 KB
2 KB 29ms
24ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/zahlarten/zahlart-paypal.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 63238449f8169563732e486bbd85aa432a13e68d06be671475d9c33b83f0dd79

Request headers

:path: /images/gallery/gonser-2015/zahlarten/zahlart-paypal.png
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Mon, 20 Jun 2016 09:55:41 GMT
server: nginx
etag: "5767bd9d-862"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2146
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 zahlart-sofortueberweisung.png
www.gonser.ch/images/gallery/gonser-2015/zahlarten/ 3 KB
3 KB 29ms
24ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/zahlarten/zahlart-sofortueberweisung.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6bad27d578e5780e745238f567a9e6722581165379fe9247ac1c72dfa5f6fd38

Request headers

:path: /images/gallery/gonser-2015/zahlarten/zahlart-sofortueberweisung.png
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Tue, 19 Feb 2019 10:17:19 GMT
server: nginx
etag: "5c6bd7af-b5c"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 2908
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 sicher-einkaufen-footer.png
www.gonser.ch/layout/gonser_2015_20150915/img/ 10 KB
11 KB 29ms
25ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/layout/gonser_2015_20150915/img/sicher-einkaufen-footer.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1309ba224b27bc03db61a1f96b80571423a4241e03a98502d0f67d05ab440845

Request headers

:path: /layout/gonser_2015_20150915/img/sicher-einkaufen-footer.png
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Thu, 26 Feb 2015 13:19:31 GMT
server: nginx
etag: "54ef1d63-2940"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 10560
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 footer_facebook.png
www.gonser.ch/layout/gonser_2015_20150915/img/ 1 KB
1 KB 30ms
26ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/layout/gonser_2015_20150915/img/footer_facebook.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 71d2875f860e7f7cff2d62b30a7a85bb3c7f84e68cff66399c0e27c182c78454

Request headers

:path: /layout/gonser_2015_20150915/img/footer_facebook.png
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Thu, 26 Feb 2015 13:35:01 GMT
server: nginx
etag: "54ef2105-48c"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1164
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 footer_blog.png
www.gonser.ch/layout/gonser_2015_20150915/img/ 968 B
1 KB 30ms
27ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/layout/gonser_2015_20150915/img/footer_blog.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fe2187ef1cea930c08986c2ceab529b1601cd9345a2dc346c3e55cfb1b483e29

Request headers

:path: /layout/gonser_2015_20150915/img/footer_blog.png
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Thu, 26 Feb 2015 13:35:08 GMT
server: nginx
etag: "54ef210c-3c8"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 968
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 ceres-base.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ 568 KB
569 KB 28ms
27ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d6178ebd3651ac0fbafce375ebf1b7c46e54508c8d0e6c4ff1ffeac73484b4f

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:51:29 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:28 GMT
server: AmazonS3
age: 112262
etag: "c83f21cd2d9e7d419a32d53043724ad6"
x-cache: Hit from cloudfront
x-amz-version-id: RdhVkqiJBWmT.kIGmu0Srtd2of7ApYYf
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 581266
x-amz-cf-id: PqYAiNboZ2TTxaCgAeFqC2St4SQQTgZ0BRZ9S19pFzWzG3RTcgLsPg==
expires: Tue, 27 Apr 2021 00:11:27 GMT

GET
H2 200 svg-injector.min.js Show response
cdnjs.cloudflare.com/ajax/libs/svg-injector/1.1.3/ 4 KB
3 KB 57ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/svg-injector/1.1.3/svg-injector.min.js

Requested by

Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a306526fc6a2c25361cccc5ba74de9592c51c225daa00e81e2fea18959d4499

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3636596
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1865
cf-request-id: 09d6480a1e00001f2d1423f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff3-11e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=448tc4KyOOgBdvO9lfV4Gd0FTc763yKj2W4MdHs8JdGWB4WthisXsn7ZpBuVUEcXInZMeEWuvumWtW6cbJ%2FIIaOguwSifSGuru%2BzGUhHJXHLc8Iie%2BLiyKaoHC1Cyye94Q%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 649d75f02e661f2d-FRA
expires: Sun, 24 Apr 2022 00:02:31 GMT

GET
H2 200 filters-component-min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/findologic/js/dist/ 15 KB
15 KB 31ms
28ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/findologic/js/dist/filters-component-min.js
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5812928833975e41704a340bb60dcd4b3aef43bf9da8b1c758e9b0ff4a7a582d

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 01:15:38 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:32 GMT
server: AmazonS3
age: 82014
etag: "fd434a63e4405ea5b5df3eaf8686f7e2"
x-cache: Hit from cloudfront
x-amz-version-id: gdO8lXwtWtUMr8Y.CCMqDR7H_4QUz91i
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 15163
x-amz-cf-id: 6gZFrYL4Oc7UdZOtJnfXTwOg8qRWNbzP3YSy1iFNIx3Xc7ROsJpdbg==
expires: Tue, 27 Apr 2021 00:11:31 GMT

GET
H2 200 jquery.fancybox.min.js Show response
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.1/dist/ 51 KB
17 KB 143ms
143ms Script
application/javascript 151.101.114.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.1/dist/jquery.fancybox.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3f27849fbcb7ec27f0e71094e146f71be03c431f73a8c9c021a4462a39df5a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 16654
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 16772
etag: W/"cdb1-/n8FFMBOB+Zo3nkJfnEje9rQoiQ"
x-served-by: cache-fra19165-FRA, cache-hhn4032-HHN
date: Tue, 04 May 2021 00:02:31 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
831 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap

Requested by

Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc9a4312d75cfdd9988ce23c743e83536e40c23f09f8e3ed3311093e95409943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 23:26:45 GMT
server: ESF
date: Tue, 04 May 2021 00:02:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 00:02:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 170 KB
57 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a07686bad99f9f1570118de341caf346848b3bba2c5f49703c59583f039f181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58108
x-xss-protection: 0
expires: Tue, 04 May 2021 00:02:31 GMT

GET
H2 200 main.css
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/feedback/css/ 10 KB
10 KB 31ms
29ms Stylesheet
text/css 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/feedback/css/main.css
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f446df74eaa83a2c4f4c62fbd027e36c01661f96822f053f26db7beb429cd3e8

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 08:21:27 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:31 GMT
server: AmazonS3
age: 56465
etag: "5c9406cc989c4eac2e2980e54b9c3feb"
x-cache: Hit from cloudfront
x-amz-version-id: uYjQuiAOdHI7UsGvA9yq84Jvp4CO7ZJt
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/css
content-length: 9862
x-amz-cf-id: QPuRruLg8iU2T4rHek7zUa81saNX5HMujWneJtmhhbn5oeQtf5XZmQ==
expires: Tue, 27 Apr 2021 00:11:30 GMT

GET
H2 200 hintergrund.png
www.gonser.ch/layout/gonser_2015_20171113/img/ 7 KB
8 KB 36ms
20ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/layout/gonser_2015_20171113/img/hintergrund.png
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2a5715197eb96bb39f8f4efe44343adb47b1fdaab45e7da970d1afa38448ea50

Request headers

:path: /layout/gonser_2015_20171113/img/hintergrund.png
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Mon, 20 Jun 2016 07:51:12 GMT
server: nginx
etag: "5767a070-1dce"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 7630
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 menuebild-24.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 26 KB
26 KB 34ms
22ms Image
image/jpeg 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-24.jpg
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 85baa67b6e630a446f4bd1fcd8db03e23268c2f7af7171b3c011a0107b4e5765

Request headers

:path: /images/gallery/gonser-2015/menuebilder/menuebild-24.jpg
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Thu, 17 Sep 2015 09:23:05 GMT
server: nginx
x-nginx-image: Resized
etag: "55fa8679-686f"
content-type: image/jpeg
cache-control: max-age=1209600
content-length: 26735
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 menuebild-193-2.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 22 KB
22 KB 35ms
24ms Image
image/jpeg 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-193-2.jpg
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9c17f7641c292d904bc694ca5582287de651a98b873434862099959d0d912ef5

Request headers

:path: /images/gallery/gonser-2015/menuebilder/menuebild-193-2.jpg
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Thu, 24 May 2018 12:36:47 GMT
server: nginx
x-nginx-image: Resized
etag: "5b06b1df-58ff"
content-type: image/jpeg
cache-control: max-age=1209600
content-length: 22783
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 menuebild-167.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 31 KB
32 KB 34ms
25ms Image
image/jpeg 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-167.jpg
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bafa38e691539928bf93936e48240e22e36c288496ec7bcda16a8b090095bb57

Request headers

:path: /images/gallery/gonser-2015/menuebilder/menuebild-167.jpg
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Tue, 20 Jan 2015 09:20:08 GMT
server: nginx
x-nginx-image: Resized
etag: "54be1dc8-7d4f"
content-type: image/jpeg
cache-control: max-age=1209600
content-length: 32079
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 menuebild-223.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 24 KB
25 KB 37ms
28ms Image
image/jpeg 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-223.jpg
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 57809464d54046b0288d0dd158529b275867d4bb425cf385696241bc955bff0b

Request headers

:path: /images/gallery/gonser-2015/menuebilder/menuebild-223.jpg
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Thu, 13 Oct 2016 09:56:06 GMT
server: nginx
x-nginx-image: Resized
etag: "57ff5a36-6159"
content-type: image/jpeg
cache-control: max-age=1209600
content-length: 24921
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 menuebild-99-2.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 25 KB
25 KB 42ms
34ms Image
image/jpeg 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-99-2.jpg
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 028ebb9e7486ff4dfe159a084de6239ad17b4e9a21ed2816a4a84b73a84d5794

Request headers

:path: /images/gallery/gonser-2015/menuebilder/menuebild-99-2.jpg
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Thu, 24 May 2018 12:48:58 GMT
server: nginx
x-nginx-image: Resized
etag: "5b06b4ba-6329"
content-type: image/jpeg
cache-control: max-age=1209600
content-length: 25385
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 menuebild-82.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 10 KB
10 KB 43ms
35ms Image
image/jpeg 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-82.jpg
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0ca889ef77939a842e23efde134019e4bc994afe490d495e3ae775acb8dd41e4

Request headers

:path: /images/gallery/gonser-2015/menuebilder/menuebild-82.jpg
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Tue, 20 Jan 2015 10:56:19 GMT
server: nginx
x-nginx-image: Resized
etag: W/"54be3453-487b"
content-type: image/jpeg
cache-control: max-age=1209600
content-length: 9932
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 menuebild-91.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 8 KB
8 KB 42ms
36ms Image
image/jpeg 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-91.jpg
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 010cef1e54b072ce90408423f0994e332cccdfbdeb2422e363587896fdda487c

Request headers

:path: /images/gallery/gonser-2015/menuebilder/menuebild-91.jpg
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Tue, 20 Jan 2015 11:23:08 GMT
server: nginx
x-nginx-image: Resized
etag: W/"54be3a9c-38e3"
content-type: image/jpeg
cache-control: max-age=1209600
content-length: 7905
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 menuebild-403.jpg
www.gonser.ch/images/gallery/gonser-2015/menuebilder/ 28 KB
29 KB 45ms
38ms Image
image/jpeg 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/images/gallery/gonser-2015/menuebilder/menuebild-403.jpg
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2194a482d5318ea04b18c274ec9bfe99a8c71bb9897e802063e7e849557e8d23

Request headers

:path: /images/gallery/gonser-2015/menuebilder/menuebild-403.jpg
pragma: no-cache
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://cdn10.plentymarkets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://cdn10.plentymarkets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
last-modified: Wed, 16 Sep 2015 13:06:20 GMT
server: nginx
x-nginx-image: Resized
etag: "55f9694c-7194"
content-type: image/jpeg
cache-control: max-age=1209600
content-length: 29076
expires: Tue, 18 May 2021 00:02:31 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gonser.ch
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 598314
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 27 Apr 2022 01:50:37 GMT

GET
H2 200 fontawesome-webfont.woff2
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/documents/fonts/ 70 KB
71 KB 126ms
46ms Font
application/octet-stream 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/documents/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: https://www.gonser.ch
Referer: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/gonserdt/css/main-base.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 11:06:36 GMT
via: 1.1 dbf5a139061b80ff53ac8f18a1e0b49f.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 46556
x-cache: Hit from cloudfront
content-length: 71896
last-modified: Tue, 20 Apr 2021 00:11:40 GMT
server: AmazonS3
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: FFQCh1g6HSFKhkwYooGxib0N51pTksCu
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: pkFSmWAkPQwy9MlZtNEdUuDOH7c-cxfcdZ6JpKPON4UvjtBu9ibLnQ==
expires: Tue, 27 Apr 2021 00:11:39 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gonser.ch
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 530513
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 27 Apr 2022 20:40:38 GMT

GET
H2 200 / Show response
www.gonser.ch/rest/io/basket/ 753 B
825 B 137ms
135ms XHR
text/html 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gonser.ch/rest/io/basket/?templateType=home&_=1620086551314
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5d510ae375fa0e1b84c32d26bb09026a48adc492fe41a0392ecc1cdad751d3d7

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
:path: /rest/io/basket/?templateType=home&_=1620086551314
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
X-Requested-With: XMLHttpRequest
Accept-Language: de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
cache-control: no-cache, private
server: nginx
set-cookie: plentyID=eyJpdiI6IlV6UnF1XC9CcXF4blVrOWt1VDNnYUhRPT0iLCJ2YWx1ZSI6Im5ya3pDK3pVb3Azc0dJWHpDZ29wclpDdzVyWWhKNHFxVkFEMmVXOEM5N0s1V0RNbDhOTXZZUVZOS1AyeUxmQWciLCJtYWMiOiIxODFhMTFkMTYzYzA0ZDViYjg1MGM0YWJjZGI0NGY5ZmI4NmI3YWNmYWZjZWJmZmE0YjRmZTQwNzhiMTY3N2FiIn0%3D; expires=Thu, 12-Aug-2021 00:02:31 GMT; Max-Age=8640000; path=/; domain=.gonser.ch; secure; httponly
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
www.gonser.ch/rest/io/basket/items/ 23 B
460 B 167ms
165ms XHR
text/html 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gonser.ch/rest/io/basket/items/?template=Ceres%3A%3ABasket.Basket&templateType=home&_=1620086551315
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 87a2f8365c65b08bc824cecca8cefe071bbb0312957d3842b0557b3dbaed3fff

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
:path: /rest/io/basket/items/?template=Ceres%3A%3ABasket.Basket&templateType=home&_=1620086551315
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
X-Requested-With: XMLHttpRequest
Accept-Language: de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
cache-control: no-cache, private
server: nginx
set-cookie: plentyID=eyJpdiI6IlhCNlJ2bjU2c2Y1TGhOc0ZKQk9oSUE9PSIsInZhbHVlIjoiaFR3UEJwU25YSEZsVEc4NUtUaHZOV214VWwyM1wvc0ZNMUJhNDdxcGhmXC92YSszUkhwT1ZWaDFhKzgwdjJHckRkIiwibWFjIjoiYjYwZjgyZjU3ZWY3MWU0M2IwODgwMGFiNjljNzQ1YTE4NDgzYTA5YjkyOTUzNWU3ZDUwMTlmZmZkYzEwODA2MiJ9; expires=Thu, 12-Aug-2021 00:02:31 GMT; Max-Age=8640000; path=/; domain=.gonser.ch; secure; httponly
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
www.gonser.ch/rest/io/customer/ 25 B
468 B 126ms
125ms XHR
text/html 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gonser.ch/rest/io/customer/?templateType=home
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f58ace84e88735de6302205e795e8e425f9ba4ced96a12a5867148a5c964acfb

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: plentyID=eyJpdiI6ImNWZjlITkFFcFhzdEkyTld2MjlEckE9PSIsInZhbHVlIjoiaE9Xc3lEZzZ5R1JKaDJjN3pqdWs3U0FORHVudVFwa3FsSTRYNStcL0JWSEQya2dldkdGM2J3dlordFpFcDBLYnMiLCJtYWMiOiI5MGU5NTA0NDA2OTdhM2YzYzQ1YjM5YjAzOTg4OTJhZDRlNWEyZTk2ZDgwZjRhNjQ5NmIzODkyZWZhZjRkMTA0In0%3D
:path: /rest/io/customer/?templateType=home
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
X-Requested-With: XMLHttpRequest
Accept-Language: de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
cache-control: no-cache, private
server: nginx
set-cookie: plentyID=eyJpdiI6Ilp2TDZocUhrSUIxRVl4T0I5Kzkyc0E9PSIsInZhbHVlIjoiN1hKVmExMXRmTWRDNDQ0Mll6ejlkY3JcLzNhRSsyWHAzcWxudldLYjI2ejNFa3UwelYzK2IxK1BCWFNNSzVYTXgiLCJtYWMiOiIwMjY4NDJhNDc5NTM4YjYwNTRkNDNmMzI4NzAwNWZhNjIxZjFiZjgxMTQwNTNjNWY1YTI2NjZkNjI5NjJmZTk5In0%3D; expires=Thu, 12-Aug-2021 00:02:31 GMT; Max-Age=8640000; path=/; domain=.gonser.ch; secure; httponly
content-encoding: gzip
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 ceres-48.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 3 KB
3 KB 24ms
24ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-48.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5141d75e689daebfcb48d486032ea2797c1f16f4b2a27f3d3b1cd891c53818c1

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 15:03:13 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:28 GMT
server: AmazonS3
age: 118758
etag: "0475196b2a95a3a7569f2253ac4e5389"
x-cache: Hit from cloudfront
x-amz-version-id: 2KuDdagN3FoOJKL2xzQSj9M7Km2bqJCO
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 3057
x-amz-cf-id: m1wY37wwDCQ-vv8vhatD-irqtyc5-jxyXbBoVEXmlbH_OfJ3Bnilhw==
expires: Tue, 27 Apr 2021 00:11:27 GMT

GET
H2 200 ceres-19.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 5 KB
6 KB 24ms
24ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-19.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed1b3d93b1d4d4e593d7b07fe0e1d8cfd0cdd9410596547c06b1bb5ef9fd628b

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 15:03:13 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:28 GMT
server: AmazonS3
age: 118758
etag: "65cc611f19b132aa4aa89cf14e01d845"
x-cache: Hit from cloudfront
x-amz-version-id: kIn1mUfXgGS2PjiSrzbHukTbB6.jrRue
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 5358
x-amz-cf-id: DQo1uANzBK9VS5SS1-2gEqDq_YSUsrn2V3bD4OvILg3-LzQI8ZMlpA==
expires: Tue, 27 Apr 2021 00:11:27 GMT

GET
H2 200 ceres-17.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 13 KB
13 KB 24ms
24ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-17.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37f5811ee6b17fb6568094cf17ad70e8847616ce0c42da9709df94e06595f603

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:51:30 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:28 GMT
server: AmazonS3
age: 112262
etag: "0af08eab77583e3c99518d7152604a6b"
x-cache: Hit from cloudfront
x-amz-version-id: eJO0nQaltLqNtq2.pQaMq29YWzf2Avzd
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 13030
x-amz-cf-id: zwLiHDmv37u0mhouC2KqKlyeig0CM4bShRY1QNVGaF6Vn3ysqja0cQ==
expires: Tue, 27 Apr 2021 00:11:27 GMT

GET
H2 200 ceres-11.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 6 KB
6 KB 26ms
25ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-11.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df355dc7d56ee94befe907edb2da5f9f680704139d1e0ffbe0c4c19a57166263

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 15:03:13 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:27 GMT
server: AmazonS3
age: 118759
etag: "d617a7f6ec615b6b7e73051fe82301a0"
x-cache: Hit from cloudfront
x-amz-version-id: 5iaG.tTDwAmlNdIh7PfwD31zVqCIDjgB
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 6043
x-amz-cf-id: q40FN6acFJcZatDQEFESsGBMKjoep2sQ0eWMaR8tE_g1T1qfCZweVQ==
expires: Tue, 27 Apr 2021 00:11:26 GMT

GET
H2 200 ceres-46.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 3 KB
3 KB 26ms
26ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-46.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff5f297251fd007ada40124892ba3fceb370a857e61c2a6a66f2132955ba01b3

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 15:03:13 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:27 GMT
server: AmazonS3
age: 118758
etag: "1a002c2289e59b908e396ea8343757ee"
x-cache: Hit from cloudfront
x-amz-version-id: h_YJ0dqRC1BRn35rVfes.ypqKxa8s8Pd
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 2764
x-amz-cf-id: l40KE1-hXlH1ooP6l86JUsbvjHXKdtqSCXVxdscRvM_CRrCFRG-YmA==
expires: Tue, 27 Apr 2021 00:11:26 GMT

GET
H2 200 ceres-5.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 78 KB
78 KB 25ms
25ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-5.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b9fa6b47fe8ff761081243300f6365067cb56367c0ec4ad74314a729d4e1d16

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:51:30 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:27 GMT
server: AmazonS3
age: 112262
etag: "88f927d6358cbd4a31e3e681ccabed9e"
x-cache: Hit from cloudfront
x-amz-version-id: h.cN8sQZrr0a8RtRUjm6V2e529N0k2y8
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 79467
x-amz-cf-id: ARVACsX5KR3ol-JxlaRqmYYrGdQ4wnsrsykwyD34boSDaR9qePL61A==
expires: Tue, 27 Apr 2021 00:11:26 GMT

GET
H2 200 ceres-18.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 6 KB
7 KB 27ms
26ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-18.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23549c754483396f757217e23f5735d613b4a5b9371c06c7a073e086ff146aa7

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:51:30 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:27 GMT
server: AmazonS3
age: 112262
etag: "8a92b2cbbbf18592f517f9bccf24b971"
x-cache: Hit from cloudfront
x-amz-version-id: WZgbVwl5ycppT_.E7Z2vx.LgQtSOefVd
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 6338
x-amz-cf-id: SsvthEuJ4DYLZiyNzimM7Ru8kDQG1aOzzREWGDbwPA_q2MZXyYbCmw==
expires: Tue, 27 Apr 2021 00:11:26 GMT

GET
H2 200 ceres-26.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 4 KB
5 KB 28ms
28ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-26.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 814c2610b8322a5e04506726f035caa9ed74eec834af27c2dfc60c94919b28a6

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:51:30 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:27 GMT
server: AmazonS3
age: 112262
etag: "25cc64cc6056f2ca13eaab12d7107de5"
x-cache: Hit from cloudfront
x-amz-version-id: O4Qxi3iBesxJPp0i_z9pgtxGfoEdFzWu
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 4418
x-amz-cf-id: B2GnSA7TX4Id9RQvAUWBQDog3WpSHXf58ncNY8MGjZlXNvrEKCdh7w==
expires: Tue, 27 Apr 2021 00:11:26 GMT

GET
H2 200 ceres-45.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 906 B
1 KB 26ms
24ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-45.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e8cc5e854a8efec968751ed0cc28419077cdb259cdee4bc2c7c343be561da77

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:51:30 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:27 GMT
server: AmazonS3
age: 112262
etag: "66db95f2d59110fc88deef91371d21ed"
x-cache: Hit from cloudfront
x-amz-version-id: h5Cwh1aGDxywQx3QEejeQBo07YALjFtc
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 906
x-amz-cf-id: 34TaItADrOCns_wsTaUgTk903VcIutFgKDR9MDsAJj-WtqdacHzDMQ==
expires: Tue, 27 Apr 2021 00:11:26 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 loader.min.js Show response
cdn.findologic.com/static/ 17 KB
7 KB 42ms
8ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.findologic.com/static/loader.min.js
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 3a831b2949d080b9ab402c2c968b99590a24b0bc2177c3de548bb318bd96689d

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzVhFzvvPlcAAA==
date: Tue, 04 May 2021 00:02:31 GMT
content-encoding: br
etag: W/"5f69a32b-45fe"
last-modified: Tue, 22 Sep 2020 07:09:31 GMT
server: CDN77-Turbo
x-77-nzt-ray: uPza/Vf6Fww=
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-cache: HIT
x-age: 22334
x-77-pop: frankfurtDE
expires: Thu, 24 Dec 2020 17:47:59 GMT

GET
H2 200 formload.php Show response
gonser-services.ch/toner/ 623 B
843 B 72ms
21ms Script
text/plain 2a01:ab20:0:203::52
CYON

General

Check archive.org

Show headers Download Go to

Full URL: https://gonser-services.ch/toner/formload.php?callback=jQuery35105308469610053599_1620086551316&fn_load=start&lang=de&_=1620086551317
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:ab20:0:203::52 , Switzerland, ASN47302 (CYON, CH),
Reverse DNS
Software: /
Resource Hash: bca70781003218de9b40526bf839743abb108642b539b63958e2aea7f3cae0c2

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-type: access-control-allow-methods: get

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1316
date: Mon, 03 May 2021 23:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 01:40:35 GMT

GET
H2 200 14619.js Show response
www.dwin1.com/ 24 KB
7 KB 79ms
37ms Script
application/javascript 2600:9000:2104:2600:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/14619.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:2600:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a20d7d126f2764f575487ba49d6a3446cafb5225520bb36cd8d463dd33fdf3a

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: NNR3mlrU2jWo6fZMcv._jH1XHvE3_uyR
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 10:47:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-C1
etag: W/"b6368d67e8fa56982563ab3babb86c44"
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, s-maxage=600
date: Tue, 04 May 2021 00:02:31 GMT
x-amz-replication-status: COMPLETED
x-cache: Hit from cloudfront
x-amz-cf-id: hbZbc7F8zBluh7r5k3iD_NK1uHVv1dxWmj7owba7_YUcKsbRVTkcIQ==
via: 1.1 d3d7cb5a7de36091f7284546b4190a33.cloudfront.net (CloudFront)

GET
H2 200 lila.js Show response
tc.connects.ch/ 16 KB
5 KB 103ms
25ms Script
application/javascript 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://tc.connects.ch/lila.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Oct 2020 13:24:42 GMT
server: nginx
etag: W/"5f7c701a-3f97"
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 52ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:31 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref: Ref A: A9922F9575EC4A70A2D6435311853F5D Ref B: FRAEDGE1506 Ref C: 2021-05-04T00:02:31Z
etag: "0d398608930d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8910

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 308ms
284ms Script
application/javascript 2a04:4e42:1b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP425ZH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 337c5824e8502220398b84ba82ac409c2139beba4083b7f9d430911f6038b69f

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:32 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "bd6bc0ee8c67107934ef9487b4afc41d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: r.lnk8j7.com
URL: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: GpsVTM97Sw/Rs6V4sOP0ydTlSeSyoqLPfib+rmaqB3d3wbWffWjUESqaFrYItOIWwUMrGhR6ZoUacM87bF1eeg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 04 May 2021 00:02:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 58w5cewy4kt2.js Show response
js.driftt.com/include/1620086700000/ 214 KB
61 KB 372ms
317ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1620086700000/58w5cewy4kt2.js

Requested by

Host: r.lnk8j7.com
URL: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

78fbb3a5eec2541f75ac4d79c190197f4e337da8777f95e17a4a0ed82ea58629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: KVrHIz.usRV4csMzXeNAiGdPnCViQH16
content-encoding: gzip
etag: W/"f6ad1f12126f1152b37605ef789f61b1"
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 17:13:20 GMT
server: nginx
date: Tue, 04 May 2021 00:02:32 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7AYywYMxAAYtB83eDNc5xxOVEaUnbzzHcY4spEkUyYoV-F-2qrdR1w==

GET
H2 200 ceres-15.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 17 KB
18 KB 25ms
24ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-15.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d52d642dbd9ecfbefd4da4ec8d937484ec2e655923912909d872c51ed7cadd2

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 16:51:30 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:26 GMT
server: AmazonS3
age: 112263
etag: "b8126b42db26afe969eae8992ce4b74d"
x-cache: Hit from cloudfront
x-amz-version-id: JkeOVbjr3TMMCItQORoTxw9aShBg2Fp.
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 17776
x-amz-cf-id: 9plwr_JKkKYg7EupFvBs99i_FVmGckXIvpd1UsZInC74vS0WomwrOA==
expires: Tue, 27 Apr 2021 00:11:25 GMT

GET
H2 200 ceres-20.min.js Show response
cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ 8 KB
9 KB 26ms
25ms Script
text/javascript 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/chunks/ceres-20.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Requested by: Host: cdn10.plentymarkets.com
URL: https://cdn10.plentymarkets.com/mrt54q44tptl/plugin/44/ceres/js/dist/ceres-base.min.js?v=d92d76596f1ed0780ba5469c9d1bfee6849db850
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b89d3e0e1d4a7def18a1802b6425d95a670f6854d6b1a67fcf220004b8fdd071

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 15:03:14 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 00:11:28 GMT
server: AmazonS3
age: 118759
etag: "4bdea4fb48876af056360d8a4792aca0"
x-cache: Hit from cloudfront
x-amz-version-id: nCcQThBSuh175sV4qZbFosw0kFXjW3on
cache-control: max-age=604800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: text/javascript
content-length: 8647
x-amz-cf-id: BzhEthdEbiQoc8sOKBHD_OLJze9EXWxZDILR6imrsIL_awMfZYGRTA==
expires: Tue, 27 Apr 2021 00:11:27 GMT

GET
H2 200 gonserbox-klein.png
www.gonser.ch/layout/gonser_2015_20190704/img/ 6 KB
6 KB 21ms
20ms Image
image/png 18.193.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gonser.ch/layout/gonser_2015_20190704/img/gonserbox-klein.png
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.193.98.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-4.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6824695692a6ccb50cd16bfce8cbcc2a1c6e6e1adf3578ce9e6b423106414157

Request headers

:path: /layout/gonser_2015_20190704/img/gonserbox-klein.png
pragma: no-cache
cookie: plentyID=eyJpdiI6IlhCNlJ2bjU2c2Y1TGhOc0ZKQk9oSUE9PSIsInZhbHVlIjoiaFR3UEJwU25YSEZsVEc4NUtUaHZOV214VWwyM1wvc0ZNMUJhNDdxcGhmXC92YSszUkhwT1ZWaDFhKzgwdjJHckRkIiwibWFjIjoiYjYwZjgyZjU3ZWY3MWU0M2IwODgwMGFiNjljNzQ1YTE4NDgzYTA5YjkyOTUzNWU3ZDUwMTlmZmZkYzEwODA2MiJ9; showChat=true; _gcl_au=1.1.1160200422.1620086552
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.gonser.ch
referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:32 GMT
last-modified: Fri, 08 Mar 2019 13:10:39 GMT
server: nginx
etag: "5c8269cf-16d4"
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 5844
expires: Tue, 18 May 2021 00:02:32 GMT

GET
H2 200 Teaserbox_Aktenschrank_04-21.jpg
cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/ 74 KB
75 KB 31ms
31ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/Teaserbox_Aktenschrank_04-21.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9cc016821d012dfa8d0addafb149af61c8d0772c1546ab27241fa8bdcb95a279

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 07:42:56 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 145177
x-amz-meta-width: 600
x-cache: Hit from cloudfront
x-amz-meta-height: 430
content-length: 75920
last-modified: Thu, 22 Apr 2021 10:34:54 GMT
server: AmazonS3
etag: "c2742c5a19d79deca893a876a97bcaae"
x-amz-version-id: AaZQpapk367UFdkJQFE03GRb_2sdXi7o
cache-control: max-age=172800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: 2mUHcbQFzmY0lz5A55fscjqjK2kneBWAZ_Bwji04YxSxFaR5KVaGkQ==
expires: Sat, 24 Apr 2021 10:34:53 GMT

GET
H2 200 Teaserbox_Sitzhocker_04-21.jpg
cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/ 143 KB
144 KB 33ms
29ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/Teaserbox_Sitzhocker_04-21.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18fd1575b10125807103f4c1a232cfeaaeedf7baf74a86598ede6bae6d23b828

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:11:21 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 53472
x-amz-meta-width: 600
x-cache: Hit from cloudfront
x-amz-meta-height: 430
content-length: 146408
last-modified: Fri, 30 Apr 2021 09:33:28 GMT
server: AmazonS3
etag: "eacd80fba036f0533cc5274bc2c27514"
x-amz-version-id: ZdmzqbX9Gz0HtXGFfY0bpP0WfuP.WtWF
cache-control: max-age=172800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: c-2adtod15dpgfBTxQuGrRhRn-4dskgShtJ55Lkub4I03vaaUhzjZw==
expires: Sun, 02 May 2021 09:33:27 GMT

GET
H2 200 Teaserbox_Strandkoerbe_neu.jpg
cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/ 357 KB
358 KB 32ms
30ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/frontend/startseite/teaser/Teaserbox_Strandkoerbe_neu.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f994806adf9626a0928ae332215d4ecd0a6cc4c3675482764c90ffffb68df78

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 12:08:37 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 42836
x-amz-meta-width: 600
x-cache: Hit from cloudfront
x-amz-meta-height: 430
content-length: 365254
last-modified: Fri, 23 Apr 2021 14:00:40 GMT
server: AmazonS3
etag: "9a1a0ea396dd59f6014293a7248ef351"
x-amz-version-id: 5S.ddzQwEXHyum_1HFY6Tq4CzUOrpadW
cache-control: max-age=172800
x-amz-cf-pop: HAM50-C1
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: onasfPMdM7IEY0Vz-_8p3bl_Otgu1JcjrZ4dqaljexYKuB9xlsDzeA==
expires: Sun, 25 Apr 2021 14:00:39 GMT

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 87 KB
34 KB 32ms
26ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WJQNM97&t=gtm12&cid=1433292483.1620086552&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a1db3cde7ae485c2ba1b417afd72d8d10610ffc7783f19abaaf74db42227dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34937
x-xss-protection: 0
expires: Tue, 04 May 2021 00:02:32 GMT

GET
H3-29 200 1844237665864323 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 241ms
240ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1844237665864323?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

289f3870dae134cb32ffcdc517a271b108c955ede6ade89835f4e6fb5aaf93d0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: QmycnwcHAWmg0DJkJ/VLamffUiVsCH9Wc03bfuyuWdYqsuYxW0W6aZgvBrsgDYEc+jCdGu30fYs6HO52BzonrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 04 May 2021 00:02:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5475401 Show response
bat.bing.com/p/action/ 0
126 B 47ms
47ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5475401
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 May 2021 00:02:31 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 78BA023E9B844E9C8A6170E4F52AEA30 Ref B: FRAEDGE1506 Ref C: 2021-05-04T00:02:32Z
x-powered-by: ARR/3.0

GET
H2 204 0
bat.bing.com/action/ 0
149 B 41ms
40ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5475401&tm=gtm001&Ver=2&mid=90b918f4-330f-468c-b230-c911ae10fcad&sid=062a8e10ac6c11eba8637196112c2ac0&vid=062b20a0ac6c11eb9ad2373aa48775c0&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Online%20Shop%20Gonser%20-%20Sicher%20%26%20G%C3%BCnstig%20einkaufen&p=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate&r=https%3A%2F%2Fwww.searchfor.org%2F&lt=2035&evt=pageLoad&msclkid=N&sv=1&rn=140874
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 04 May 2021 00:02:31 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 539CBAD4B6C54E49B5E328B4E8D990FA Ref B: FRAEDGE1506 Ref C: 2021-05-04T00:02:32Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
cdn.findologic.com/static/7E9A9379AE7E32EF16125378F75D8CFF/ 15 KB
5 KB 1870ms
1790ms Script
application/javascript 2a02:6ea0:c700::4
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.findologic.com/static/7E9A9379AE7E32EF16125378F75D8CFF/main.js?usergrouphash=
Requested by: Host: cdn.findologic.com
URL: https://cdn.findologic.com/static/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2296b231b2626e942d6fed4272180dda619828a26eb0de538df08c0598102575

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rzW1hM3OEQAAAA==
date: Tue, 04 May 2021 00:02:34 GMT
content-encoding: br
etag: W/"608ae95e-3b14"
last-modified: Thu, 29 Apr 2021 17:14:06 GMT
server: CDN77-Turbo
x-77-nzt-ray: KnRoHrKCvkw=
x-77-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1
x-cache: REVALIDATED
x-age: 17
x-77-pop: frankfurtDE
expires: Thu, 29 Apr 2021 17:16:26 GMT

GET
H2 200 main.174fc5ea.js Show response
s.pinimg.com/ct/lib/ 48 KB
17 KB 317ms
268ms Script
application/javascript 2a04:4e42:1b::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.174fc5ea.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:32 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "b34201d87a68e217179821df4a24c060"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 17102
access-control-expose-headers: X-CDN

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 23:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3504
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Tue, 04 May 2021 00:04:08 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-39673853-1&cid=1433292483.1620086552&jid=109023784&gjid=825695300&_gid=2082335348.1620086552&_u=aGDAgEALQAAAAE~&z=1282503414

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 00:02:32 GMT
content-type: text/plain
access-control-allow-origin: https://www.gonser.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 25ms
24ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&aip=1&a=323841652&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate&dr=https%3A%2F%2Fwww.searchfor.org%2F&ul=en-us&de=UTF-8&dt=Online%20Shop%20Gonser%20-%20Sicher%20%26%20G%C3%BCnstig%20einkaufen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALQ~&jid=109023784&gjid=825695300&cid=1433292483.1620086552&tid=UA-39673853-1&_gid=2082335348.1620086552&gtm=2wg4l3TP425ZH&z=1738299389

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 22:16:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6352
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
15ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-39673853-1&cid=1433292483.1620086552&jid=109023784&_u=aGDAgEALQAAAAE~&z=505455815

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
16ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-39673853-1&cid=1433292483.1620086552&jid=109023784&_u=aGDAgEALQAAAAE~&z=505455815

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1844237665864323&ev=PageView&dl=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate&rl=https%3A%2F%2Fwww.searchfor.org%2F&if=false&ts=1620086552825&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620086552805.778456775&it=1620086552476&coo=false&exp=l1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 04 May 2021 00:02:32 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 38 B
510 B 151ms
104ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614380707681&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1620086552858

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.174fc5ea.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:33 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
access-control-allow-origin: https://www.gonser.ch
x-envoy-upstream-service-time: 1
x-pinterest-rid: 8223403249374034
pin-unauth: dWlkPU16Um1Oemt4T1RrdFl6WmhaQzAwWVRka0xXRmpORFF0TlRCbU5qSXdPR0U1WXpBeg
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 64
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
301 B 161ms
117ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614380707681&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.searchfor.org%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22174fc5ea%22%7D&cb=1620086552859

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:33 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
content-length: 35
x-pinterest-rid: 1523494389376798
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
547 B 161ms
119ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%2C%22line_items%22%3A%5B%7B%22product_category%22%3A%22%22%7D%5D%7D&tid=2614380707681&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.searchfor.org%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22174fc5ea%22%7D&cb=1620086552860

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:33 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 5
content-length: 35
x-pinterest-rid: 9130509046779785
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
242 B 154ms
119ms XHR
text/plain 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.174fc5ea.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:33 GMT
referrer-policy: origin
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1712382385123687
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1844237665864323&ev=Microdata&dl=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate&rl=https%3A%2F%2Fwww.searchfor.org%2F&if=false&ts=1620086553329&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Online%20Shop%20Gonser%20-%20Sicher%20%26%20G%C3%BCnstig%20einkaufen%22%2C%22meta%3Adescription%22%3A%22Grosse%20Auswahl%20an%20Velos%2C%20Haushaltsbedarf%20%26amp%3B%20vieles%20mehr.%20%C3%9Cber%20500%26%23039%3B000%20zufriedene%20Kunden.%20Gratis%20Versand%20%26amp%3B%20Tiefstpreisgarantie.%20Jetzt%20vorbeischauen!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Online%20Shop%20Gonser%20-%20Sicher%20%26%20G%C3%BCnstig%20einkaufen%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.gonser.ch%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn10.plentymarkets.com%2Fmrt54q44tptl%2Fplugin%2F44%2Fceres%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gonser.ch%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.gonser.ch%2Fsearch%2F%3Fquery%3D%7Bsearch_term%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620086552805.778456775&it=1620086552476&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 04 May 2021 00:02:33 GMT

GET
H2 200 core Show response
js.driftt.com/ Frame 6E5F 3 KB
1 KB 320ms
301ms Document
text/html 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1620086700000/58w5cewy4kt2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4d63447718d9709833a01ac215139cf374cee06d8fb4c56c4e2432148bd526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gonser.ch/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gonser.ch/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 30 Apr 2021 17:13:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .FruPus.j6Mb8BtwWkn5EpyPCwkpR9Qb
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 04 May 2021 00:02:34 GMT
cache-control: no-cache
etag: W/"10f01789bab6a8b90df5804c7d1ac44b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: fsXpwdh7TeUNfDPnP5Xb6XL5Xb2Gq7Ziv6_w4su-tvGTF8AkZEUdUQ==

GET
H2 200 chat Show response
js.driftt.com/core/ Frame EAAB 3 KB
1 KB 137ms
126ms Document
text/html 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1620086700000/58w5cewy4kt2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4d63447718d9709833a01ac215139cf374cee06d8fb4c56c4e2432148bd526

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /core/chat
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gonser.ch/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gonser.ch/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 30 Apr 2021 17:13:10 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: .FruPus.j6Mb8BtwWkn5EpyPCwkpR9Qb
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Tue, 04 May 2021 00:02:34 GMT
cache-control: no-cache
etag: W/"10f01789bab6a8b90df5804c7d1ac44b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xCrwx4HMb3QdK1C29zwgEZCZ50MOLm9GqnQbzgbydrPhAAGILyKM1A==

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.gonser.ch
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 136736
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Mon, 02 May 2022 10:03:38 GMT

GET
H/1.1 200
OK utils.js Show response
static.newsletter2go.com/ 24 KB
7 KB 106ms
27ms Script
application/javascript 195.201.108.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static.newsletter2go.com/utils.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.108.174 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.174.108.201.195.clients.your-server.de

Software

nginx /

Resource Hash

f6bc8489b1db408b87e08d302f51c012dc6dca9e28b8fc7cb3403409eb446baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 00:12:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding, Accept-Encoding
X-Fpm: default
Content-Type: application/javascript
X-Upstream: 138.201.29.81:8207
Cache-Control: no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1

GET
H2 200 lila.php Show response
www.lacmp.net/ 16 KB
5 KB 157ms
31ms XHR
text/html 84.200.5.215
ACCELERATED-IT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lacmp.net/lila.php?id=86MBShZOurqCGUFLLv5I&url=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate&frameit=1&module=Profiling&event=PageView

Requested by

Host: tc.connects.ch
URL: https://tc.connects.ch/lila.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

84.200.5.215 , Germany, ASN31400 (ACCELERATED-IT, DE),

Reverse DNS

Software

nginx /

Resource Hash

ed433190c4325c7a7c86a1ba7a74ef568e98b1fc962392a11dda88df9be15d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 May 2021 00:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 Kinderspielhaus-DREAM-VILLA-blau--2-.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/13695/middle/ 36 KB
36 KB 48ms
27ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/13695/middle/Kinderspielhaus-DREAM-VILLA-blau--2-.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5dd1a8e941b7a5151b30e3dd535abc7ab4c9e25ca0d15e419dd2ada5a81d2bcf

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 02:14:06 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 1201709
x-amz-meta-width: 370
x-cache: Hit from cloudfront
x-amz-meta-height: 370
x-amz-meta-size: 36757
content-length: 36757
last-modified: Tue, 20 Apr 2021 01:18:48 GMT
server: AmazonS3
x-amz-meta-dirversion: 4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag: "3cca18a4f48055a3dc4a7bb905799482"
x-amz-version-id: CC.Vj3GZ3dD4yiHyMzXrsIOVTCT91TU.
cache-control: max-age=10368000
x-amz-cf-pop: HAM50-C1
content-type: image/jpeg
x-amz-meta-md5hash: 3cca18a4f48055a3dc4a7bb905799482
x-amz-cf-id: _aDxFrkDCuSAZTOosvSNu9k9lokWD2vf72V_Q3DpQxCF0Qk3q6eKlg==

GET
H2 200 E-Scooter-Elektroroller-Z6-CLASSIC-schwarz--3-.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/11579/middle/ 8 KB
8 KB 46ms
25ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/11579/middle/E-Scooter-Elektroroller-Z6-CLASSIC-schwarz--3-.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9be5d4713a5fd39ef85c55dc9adfdc2faf65081b4a7af2cd7778b9d209029a26

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 01:09:40 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 600775
x-amz-meta-width: 193
x-cache: Hit from cloudfront
x-amz-meta-height: 370
x-amz-meta-size: 7681
content-length: 7681
last-modified: Tue, 20 Apr 2021 00:12:35 GMT
server: AmazonS3
x-amz-meta-dirversion: 4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag: "884ef4be03ed70160c644aaeddc1ff1c"
x-amz-version-id: ZuOgZXo_sXXCQ8C.TC4JNPy4.1SSRy0I
cache-control: max-age=10368000
x-amz-cf-pop: HAM50-C1
content-type: image/jpeg
x-amz-meta-md5hash: 884ef4be03ed70160c644aaeddc1ff1c
x-amz-cf-id: YQSkBut59CUSt3BM7VUupAVJCgc06fbtre76QNekdmsj26L4E689rw==

GET
H2 200 HTE-0232-1.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/9648/middle/ 24 KB
24 KB 50ms
29ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/9648/middle/HTE-0232-1.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0fb09ced4ee40ce2d345b5e6b2255ad71f2ee44bb8998598fd94c137e813afec

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 00:19:23 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 1208592
x-amz-meta-width: 450
x-cache: Hit from cloudfront
x-amz-meta-height: 300
x-amz-meta-size: 24278
content-length: 24278
last-modified: Tue, 20 Apr 2021 00:15:25 GMT
server: AmazonS3
x-amz-meta-dirversion: 4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag: "99209fa9a2b510d900b084a378891e79"
x-amz-version-id: HedJAuHObqqOEZrHBhgpML32bT2wUbld
cache-control: max-age=10368000
x-amz-cf-pop: HAM50-C1
content-type: image/jpeg
x-amz-meta-md5hash: 99209fa9a2b510d900b084a378891e79
x-amz-cf-id: Teu0WtgaNsfjl5I2naG6X0bojg-CVCRwYSfBlK_7YSIFCp07H1jFJg==

GET
H2 200 Werkstattwagen-Rollwagen-schwarz-opt-8-.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/9226/middle/ 34 KB
34 KB 55ms
34ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/9226/middle/Werkstattwagen-Rollwagen-schwarz-opt-8-.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f88a93ff20a8309a18049051f502f298ca7241b433a22b6f86eb67a343bfc0c

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 18:30:40 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 451915
x-amz-meta-width: 370
x-cache: Hit from cloudfront
x-amz-meta-height: 370
x-amz-meta-size: 34726
content-length: 34726
last-modified: Tue, 20 Apr 2021 01:35:58 GMT
server: AmazonS3
x-amz-meta-dirversion: 4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag: "8e32ae8831bd7456e3c104d9669897df"
x-amz-version-id: .bV.HT6y_fRdyNC1mtHUQ5N57QxHaM_5
cache-control: max-age=10368000
x-amz-cf-pop: HAM50-C1
content-type: image/jpeg
x-amz-meta-md5hash: 8e32ae8831bd7456e3c104d9669897df
x-amz-cf-id: rDbHR4qnS9-83zuYJ8KKzN7TPIZOBrGL0tzmiV-_y7wpJuYLuO8ECw==

GET
H2 200 2269-2269-2269-IMG-8905-1.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/2269/middle/ 14 KB
14 KB 62ms
15ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/2269/middle/2269-2269-2269-IMG-8905-1.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3910eae42f5a2e3145fe4d8fefe19303938774c6d5113be75f4f1410bde0b60b

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 05:34:09 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 1189706
x-amz-meta-width: 369
x-cache: Hit from cloudfront
x-amz-meta-height: 370
x-amz-meta-size: 13966
content-length: 13966
last-modified: Tue, 20 Apr 2021 00:29:01 GMT
server: AmazonS3
x-amz-meta-dirversion: 4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag: "865a9fe098d15d8f2989e87bf12c27fe"
x-amz-version-id: LZnbBErbVgvTajQe2LDL9IK_9W0QYHzB
cache-control: max-age=10368000
x-amz-cf-pop: HAM50-C1
content-type: image/jpeg
x-amz-meta-md5hash: 865a9fe098d15d8f2989e87bf12c27fe
x-amz-cf-id: 5zsFfBfZOuyqjVNEqUHBP9kjZOdbnqqFAPWSs1P_VrpYGyu6QojEJQ==

GET
H2 200 1069FF-1069-updated.jpg
cdn10.plentymarkets.com/mrt54q44tptl/item/images/1069/middle/ 12 KB
13 KB 63ms
15ms Image
image/jpeg 52.222.183.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn10.plentymarkets.com/mrt54q44tptl/item/images/1069/middle/1069FF-1069-updated.jpg
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.183.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-183-22.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 222e0f6d902baccd9480e2ca7de53f44ce0f3ab3496b751af15acdf162e55f2a

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 00:54:56 GMT
via: 1.1 b098e9d1411007a68134dc4335cbb36e.cloudfront.net (CloudFront)
age: 1206459
x-amz-meta-width: 450
x-cache: Hit from cloudfront
x-amz-meta-height: 360
x-amz-meta-size: 12348
content-length: 12348
last-modified: Tue, 20 Apr 2021 00:20:36 GMT
server: AmazonS3
x-amz-meta-dirversion: 4e8cfbb32f5e1eaea369902661c1ca1d1f0d3601
etag: "9bf05b6f644cc103186237dd3597e5b2"
x-amz-version-id: _fspeptQtAJgYZN2KU2LcBnTqJ.MN3wk
cache-control: max-age=10368000
x-amz-cf-pop: HAM50-C1
content-type: image/jpeg
x-amz-meta-md5hash: 9bf05b6f644cc103186237dd3597e5b2
x-amz-cf-id: QSt9Adp29_lTRCyOdT7I-itFNBAEIwuK7FO6xBP_qPJFvW45wrcIWQ==

GET
H2 200 runtime~main.a5da2889.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 5 KB
3 KB 52ms
13ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2ff0301ee0a7740af6130069310f3dadd270e5f6a16acb16ca207ceb01fd6bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 283765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:29 GMT
server: nginx
etag: W/"4460461f7d668443bb75b9e21eccbb20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AzElQChK.C9ueABB8DVcDrSQEOa78vQK
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _4vOr3crF1sCgN1Z4Z5teMJCcDKe1EOzeMsBgsgUy-yxDlvd1pUSDg==

GET
H2 200 39.00daf76c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 40 KB
12 KB 70ms
26ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d3528e4a656c1898832bd0aadf4b7493a6dab833bcf77de82220134cff487105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:12:07 GMT
content-encoding: gzip
age: 622227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"6899bddb0243691ddc6399866847b6f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pQPjI5lQAXUmoIh3KnIJ_HEoAO12ALHT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3deBXUoa-1M4-HBMTUBwX_7t_zL5LMfSd0AzCB0DlimRjS-I6ktw_w==

GET
H2 200 24.51b9fb55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 42 KB
12 KB 72ms
28ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.51b9fb55.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 3380852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:10 GMT
server: nginx
etag: W/"cef2e36f386b30af63a3565f56cb570c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2YkFlG1sZ1uGuw9fRJhr_rduXEPaItbU
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1rxsG9i8oG5li20EuMK1V3wDikbApTlDKXvVorWyViwNbFs1pRQBJQ==

GET
H2 200 19.afca98a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 70 KB
21 KB 66ms
29ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.afca98a9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9aff01bc783d8594a56120806445b231bf83e9cabd5b293a7ccfa61826a1edd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"de8e76f9e682100165e9ef4b0640a064"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y3HP_ATSoqjmnuaTWV_4JHbjLc6op0_8
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: I3LLcD36a_H3emP9UK8VEiluNgonqxSx-EgMp_Qc9NOV1J8rj4odhQ==

GET
H2 200 31.66558c5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 48 KB
15 KB 72ms
35ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.66558c5d.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ecaef097a49429f00f55336367b45e898f27c6e85801c55cebb6e2f25ad8742e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"93e71078f48622110fd00fcfb723530b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cH5FvrQDgYk7DLHbCMiEeTj0prpfEvxI
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: sD16x4m2Dtz_2Q6p822cXHUn7hw9Gz3fNE_xMJRk7389EpkYvnysYw==

GET
H2 200 18.afae54c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 29 KB
8 KB 80ms
44ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.afae54c8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"aa46b8d2411ca710860501cb70b87aa6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RsEAITRzirmwXWJLuxexiqSCME3tTtns
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ww_pUbtnXCG1Uthq6Q1pG77rwWApcMuqYaaOOLhXfQjOK6Sl3O84Tw==

GET
H2 200 20.b1014b02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 39 KB
10 KB 80ms
45ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.b1014b02.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4f4ab87946162884af2a2fc74e126b9ac2f3e6553212104d1938528bd3dc1d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"c8172651926eb7a7f4a4f3cb5e513f9c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N9S.PkVsS9nYjNVu8bkXjETwWPfdkyvR
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1vqXu7l7eOCrMXMuvA10pq9A46vO6976znM-aZt5NjscPXTZ9iIqzw==

GET
H2 200 36.9240267e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 52 KB
18 KB 81ms
45ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.9240267e.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:37:21 GMT
content-encoding: gzip
age: 1315512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"c0367e53a004313148d8c4e96e76faaf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i6FrqbOMhZ5a.NcIaHdSzvAtDGM.FWJ6
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _BjAFzwxEzjXht2xqAWJkiw6NQvESc6IzLgTTyxGTNjcWsk5-QK7Hw==

GET
H2 200 34.e9aa1a63.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 24 KB
10 KB 82ms
47ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.e9aa1a63.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4b96fcdb0d9e90f7527b30c33c4259e8a83595f0cf73d7224df7b6e362c82af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 08:18:48 GMT
content-encoding: gzip
age: 661426
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:42 GMT
server: nginx
etag: W/"a0fa2d7dab28f390fc90a7d949fd9d59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3CkjyVu7dK8vCrDzm2Z_AQEoaWDrYFtT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: zlbZVurztjWRjPAz4nuP4pANzwVSr1oWxOfMl6LBGL5uggI5IOO7sA==

GET
H2 200 14.b0278960.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 60 KB
21 KB 83ms
47ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b0278960.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:10 GMT
server: nginx
etag: W/"f0ce14b295202c78f02177e314fdf340"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XvmmE.MlaEpf2uz.SJHuSFnPeHj97JvY
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GPLTtSu78zGo5MIZy-FIFrZkQFLm4bQ_-S3bSVit0w9dL112I8tQeg==

GET
H2 200 main~493df0b3.887432a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 21 KB
7 KB 83ms
48ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.887432a6.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6147eb27f1262940ab9b1b603aa7b36d1987a76bc949de41d39226c9da67cede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"7e5a855c4e633ca310134957c2d02a1a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sDQn.miQCFaK3JUeLZDso.H5Da1oIeD2
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U93jHPNDR7Jy6tTHT_A8VomOfsv_pj0aRtbYgbHwDYds4_opNRi1GQ==

GET
H2 200 main~970f9218.11beae17.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 64 KB
17 KB 93ms
63ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.11beae17.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b824d2ca37d0850382ef9fc499ef7ddae7cb9ff5e0f4c0a5b0588e8bd1dfe4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"9d3ffe68f9bb92919f832f08879e24bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gE5VNl04OYo23MrDOJviZGhGRbQ38e9o
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HKECNVQXg5l9xMrG_OUnFFyHVScDDUuvGozhq2kuuRlraXVLNDmT2A==

GET
H2 200 main~89e24786.26b7771a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 65 KB
18 KB 94ms
64ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.26b7771a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bf0b536a769d3b2f41deba6a8f8f9886418682e9f05e5a9a6d4e8663a10355c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"fbcdcc7c1ab4f8778f28dedb2cc9444b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iNP_9UqPJakP38Q5kk71tY0yWlyddINE
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: GfjqHgR0fH7-B3G5mP74tutq374n8TvSYjYWelLgSeIldD_FqjFZ6Q==

GET
H2 200 main~53ca99a6.d7b36ecc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 30 KB
10 KB 94ms
64ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.d7b36ecc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/chat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f72460c23395dda305f27ef54e3980e8bc69c000f0ff87097492aab1d26e839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 283765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:29 GMT
server: nginx
etag: W/"aa035304d4605df4fc1fe27e7fd67c51"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hUw4Gsjqk73_Ayw2J0AINGm5cxY1LOBn
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5EO_A1yrX1KCIq3ie53afS4yKFe1049_aP50RomeuFS1x7Qoz5Bmug==

GET
H2 200 runtime~main.a5da2889.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 5 KB
3 KB 84ms
24ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2ff0301ee0a7740af6130069310f3dadd270e5f6a16acb16ca207ceb01fd6bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 283765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:29 GMT
server: nginx
etag: W/"4460461f7d668443bb75b9e21eccbb20"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: AzElQChK.C9ueABB8DVcDrSQEOa78vQK
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iDcerNX__48k5Oayk3YCM9L5uAtEK339hB-AY0c3wymUjOUYsEtpzA==

GET
H2 200 39.00daf76c.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 40 KB
12 KB 86ms
29ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d3528e4a656c1898832bd0aadf4b7493a6dab833bcf77de82220134cff487105

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:12:07 GMT
content-encoding: gzip
age: 622227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"6899bddb0243691ddc6399866847b6f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: pQPjI5lQAXUmoIh3KnIJ_HEoAO12ALHT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: MkmFHqIubzK1srbDbY_SrjczDS6NWOM68u4cHQCZJA0ktI1c4vl8mA==

GET
H2 200 24.51b9fb55.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 42 KB
12 KB 86ms
29ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/24.51b9fb55.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 20:55:02 GMT
content-encoding: gzip
age: 3380852
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 20:27:10 GMT
server: nginx
etag: W/"cef2e36f386b30af63a3565f56cb570c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 2YkFlG1sZ1uGuw9fRJhr_rduXEPaItbU
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Fc6WzXVIZ2BFaL695_xjv-JR0thVyJN3iBWt67DmtH7DKUD-8LJtKw==

GET
H2 200 19.afca98a9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 70 KB
21 KB 70ms
14ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/19.afca98a9.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9aff01bc783d8594a56120806445b231bf83e9cabd5b293a7ccfa61826a1edd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"de8e76f9e682100165e9ef4b0640a064"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: y3HP_ATSoqjmnuaTWV_4JHbjLc6op0_8
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: epSsZFj62cXL7HPowfPqiVgHGwa3u3xBtVyxLs2delL20htQeOm5WA==

GET
H2 200 31.66558c5d.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 48 KB
15 KB 86ms
29ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/31.66558c5d.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ecaef097a49429f00f55336367b45e898f27c6e85801c55cebb6e2f25ad8742e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"93e71078f48622110fd00fcfb723530b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cH5FvrQDgYk7DLHbCMiEeTj0prpfEvxI
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: G1J9ztQ0SJMNHgiRyFHdreQ8H7ZUAnbxYEAMTeDDO7pkhyjPi5EYGw==

GET
H2 200 18.afae54c8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 29 KB
8 KB 88ms
32ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/18.afae54c8.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"aa46b8d2411ca710860501cb70b87aa6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RsEAITRzirmwXWJLuxexiqSCME3tTtns
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Ym5qiisx6CFfIKCf1-1XjEhMixOpa5LmEFLgkoVnUtyigtE0CZkYhg==

GET
H2 200 20.b1014b02.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 39 KB
10 KB 88ms
55ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/20.b1014b02.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4f4ab87946162884af2a2fc74e126b9ac2f3e6553212104d1938528bd3dc1d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"c8172651926eb7a7f4a4f3cb5e513f9c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: N9S.PkVsS9nYjNVu8bkXjETwWPfdkyvR
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: f2Zo6tg4fYblClBWFkk-6t0A1rCTUKNt7WF90vIFXjFVsWvwB8VHMQ==

GET
H2 200 36.9240267e.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 52 KB
18 KB 77ms
56ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/36.9240267e.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Apr 2021 18:37:21 GMT
content-encoding: gzip
age: 1315512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"c0367e53a004313148d8c4e96e76faaf"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: i6FrqbOMhZ5a.NcIaHdSzvAtDGM.FWJ6
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: vn2F4TZUk5bWcq5xyzYBGSx_dA95wN67kX8aQgTAv1GNvN1wyRiWtg==

GET
H2 200 34.e9aa1a63.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 24 KB
10 KB 77ms
56ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/34.e9aa1a63.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4b96fcdb0d9e90f7527b30c33c4259e8a83595f0cf73d7224df7b6e362c82af6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 08:18:48 GMT
content-encoding: gzip
age: 661426
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:42 GMT
server: nginx
etag: W/"a0fa2d7dab28f390fc90a7d949fd9d59"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 3CkjyVu7dK8vCrDzm2Z_AQEoaWDrYFtT
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 23PsaeBv5Md6fDmhTfy5oZ5x49Ec17tWvrU7h6Fihh1JNSKdbQ0kUA==

GET
H2 200 14.b0278960.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 60 KB
21 KB 78ms
58ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/14.b0278960.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:10 GMT
server: nginx
etag: W/"f0ce14b295202c78f02177e314fdf340"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: XvmmE.MlaEpf2uz.SJHuSFnPeHj97JvY
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TeyzVdtsrizpQx1finLq47Hemv06SK9uqNCwtGJ8jJJ4yiZ5jhJslA==

GET
H2 200 main~493df0b3.887432a6.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 21 KB
7 KB 78ms
58ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~493df0b3.887432a6.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6147eb27f1262940ab9b1b603aa7b36d1987a76bc949de41d39226c9da67cede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"7e5a855c4e633ca310134957c2d02a1a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: sDQn.miQCFaK3JUeLZDso.H5Da1oIeD2
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 93z5J4zve2Qrp77Is1ZxBVDcy4GYarVwBx9DAPrqJHrOoRMSF_VmzQ==

GET
H2 200 main~970f9218.11beae17.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 64 KB
17 KB 43ms
25ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~970f9218.11beae17.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b824d2ca37d0850382ef9fc499ef7ddae7cb9ff5e0f4c0a5b0588e8bd1dfe4a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"9d3ffe68f9bb92919f832f08879e24bd"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: gE5VNl04OYo23MrDOJviZGhGRbQ38e9o
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 8gSEeR7N4iNwuuCg0fEK1fsRr7ddmGTpF8nKHqiw16SjaVdczq_OIg==

GET
H2 200 main~89e24786.26b7771a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 65 KB
18 KB 46ms
28ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~89e24786.26b7771a.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bf0b536a769d3b2f41deba6a8f8f9886418682e9f05e5a9a6d4e8663a10355c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:08 GMT
server: nginx
etag: W/"fbcdcc7c1ab4f8778f28dedb2cc9444b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iNP_9UqPJakP38Q5kk71tY0yWlyddINE
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nrwJ7MX57Zh0V0uHaenTd0tZuFpHF-l6bOPwVBgeXcSwvBiAfGh8-w==

GET
H2 200 main~53ca99a6.d7b36ecc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 30 KB
10 KB 46ms
28ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/main~53ca99a6.d7b36ecc.chunk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f72460c23395dda305f27ef54e3980e8bc69c000f0ff87097492aab1d26e839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://js.driftt.com
Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 283765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:29 GMT
server: nginx
etag: W/"aa035304d4605df4fc1fe27e7fd67c51"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hUw4Gsjqk73_Ayw2J0AINGm5cxY1LOBn
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: syYi6H-4xdiGy8X8eSP6n8k91Wj1k_Rj53G4xCxp9tBTpCCJXO-_Bw==

GET
H/1.1

200
OK

Cookie set retarget Show response
ad.ad-srv.net/ Frame 9D8B
Redirect Chain

https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=
https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1

2 KB
1 KB

88ms
41ms

Document
text/html

94.130.102.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Requested by: Host: r.lnk8j7.com
URL: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.102.130.94.clients.your-server.de
Software: Apache /
Resource Hash: 5400169421a0312cc19dc21b4731bed89851dcbeb98c73e92cabb3af4c3dfbf5

Request headers

Host: ad.ad-srv.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gonser.ch/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: kdb0xdq3ls8m_uid=95e0560a6fcc500f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gonser.ch/

Response headers

Date: Tue, 04 May 2021 00:02:35 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: kdb0xdq3ls8m_uid=95e0560a6fcc500f; expires=Mon, 02-Aug-2021 00:02:35 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 553
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 04 May 2021 00:02:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: kdb0xdq3ls8m_uid=95e0560a6fcc500f; expires=Mon, 02-Aug-2021 00:02:34 GMT; Max-Age=7776000; path=/; domain=.ad-srv.net; secure; SameSite=None
Location: ?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 4350
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
29 KB

198ms
50ms

Script
application/x-javascript

37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e900793533d5a24861457658acd88eefaf284309e5e5f8a049b9468af341abf2

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 08:03:06 GMT
server: nginx
etag: W/"6076a1ba-13f40"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 04 May 2021 00:02:34 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H/1.1

200
OK

Cookie set retarget Show response
hal9000.redintelligence.net/ Frame 7634
Redirect Chain

https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=
https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1

2 KB
1 KB

85ms
41ms

Document
text/html

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Requested by: Host: r.lnk8j7.com
URL: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 48a9635c90c2e857397074cc488f2ed173ea7b0084a32f827c3cabee958b8e88

Request headers

Host: hal9000.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gonser.ch/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: 8lcfmzhxc8d6_uid=f9d410948afa72df
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gonser.ch/

Response headers

Date: Tue, 04 May 2021 00:02:35 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=f9d410948afa72df; expires=Mon, 02-Aug-2021 00:02:35 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 761
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 04 May 2021 00:02:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=f9d410948afa72df; expires=Mon, 02-Aug-2021 00:02:35 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: ?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H2 200 xuxyim2w.js Show response
ad4m.at/ Frame 4350 37 KB
13 KB 81ms
22ms Script
application/javascript 2606:4700:3039::6815:c056
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/xuxyim2w.js
Requested by: Host: r.lnk8j7.com
URL: https://r.lnk8j7.com/link/br/fJoGTf5ZnnYKYeKGfzUgo?u=http%3A%2F%2Fcapitalonebankcard.com&campaign_id=fxQJojW2AQU7XrX3b49nMB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c056 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23aba1847b53c07cb128214d9f1dc8f477b4f9d46cee8654e82db819c6849692

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=asOO0A==, md5=MavCd+TAh36IP2a5gsLiyQ==
date: Tue, 04 May 2021 00:02:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 39670
x-guploader-uploadid: ABg5-UxlC2zgmKmXB2DGl4TM7GwL7hQtmlmwPRI9gqMSBlpSoLDmJOckXJPjGYYDJWEJRnflpQ3ItOYTlhi3deLA-HU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d648194c00002bf267b57000000001
last-modified: Thu, 29 Apr 2021 12:59:16 GMT
server: cloudflare
etag: W/"31abc277e4c0877e883f66b982c2e2c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0SqS7TkQ%2BUj4NvuaJ4c7YtjlyqzXzaHwC3EMqCjQs3T0xRO%2BGDBc0wpODuaHRnvot5%2FziA1TU3RYMjMN5FoBlDtfsj2ART5PX72dLazARV8QSRBp"}],"max_age":604800}
x-goog-generation: 1619701156740842
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 12594
cf-ray: 649d7608797d2bf2-FRA
expires: Mon, 03 May 2021 13:01:24 GMT

GET
H2 200 37.1524c45f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 6 KB
3 KB 23ms
22ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.1524c45f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

09698cbca28bc2f3d73d1f57ac823d2c707082442b068badf5fdd774f3d9b1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 16:09:54 GMT
content-encoding: gzip
age: 3484361
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 24 Mar 2021 15:54:59 GMT
server: nginx
etag: W/"7f201e07ac5ddc749c01b70d37a9493d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 51PVSJmk69CTLsdohL8915wFPt3ROPsP
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: TzGtg0WsBBrWLLhLMKBpHMLt9mZ6ltKl9SXWHTfp-BsvZC34r3MYIg==

GET
H2 200 35.cfdb5c47.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 107 KB
34 KB 23ms
22ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.cfdb5c47.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

84481c66973dbcfaad9597e7109d4f2039bcddd5c734429bff4174fdcde5a0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:19:07 GMT
content-encoding: gzip
age: 297808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"c32754b3254617ea5f88500d61f4bbe8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fc_g.7YiGZPDN9.T0qtjUXORfLw1QpXW
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: _kOrLQrRJ66rbElAZ_ke_EYW0h2YVGWTeJcEp0R2YmlwDaCAONx5QA==

GET
H2 200 28.e0c4d629.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 27 KB
9 KB 23ms
23ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.e0c4d629.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

972c94e24cd810cd05f2a2b3510f400edeb373d5a8355089d43ef3e4f650886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"3802732ea37a219e3ac3b567476c8533"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iU8UwuO7fkHHrR294dEV_E0hCv_RzwjJ
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: wyNqjdCJkbgQMW15TRBVkzSFOLDK1MmTseDzQWmgrDGfigRczQ9WLQ==

GET
H2 200 32.71167ac0.chunk.css
js.driftt.com/core/assets/css/ Frame EAAB 1 KB
1 KB 29ms
23ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.71167ac0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"7362dc7cbde5becc44253ec6d0061465"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DZvba4KR5xrPx4nMdtAa3vElmrzSYCNc
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uOStm3MgRtLH4dP8gFEvEVtSNfc4p8b8Nl9P1cOXR319OuyP-hhhbw==

GET
H2 200 32.1443b30a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 5 KB
2 KB 32ms
27ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.1443b30a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da5be0996d98c4143d3ff55682a814a3fd0addefb010e90b9018533307569d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"8c489b40cbb0789d4be7c4a2d19e7ed7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9szKmtmHj777DJWtoyr9sC1oTQvGWDAo
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: yMliUFDgNSv3_Kx5-Y-ducrOvQVjGRQmJiQHrkzOxe5zHo0Ke1k98A==

GET
H2 200 37.1524c45f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 6 KB
3 KB 25ms
24ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/37.1524c45f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

09698cbca28bc2f3d73d1f57ac823d2c707082442b068badf5fdd774f3d9b1b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 16:09:54 GMT
content-encoding: gzip
age: 3484361
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Wed, 24 Mar 2021 15:54:59 GMT
server: nginx
etag: W/"7f201e07ac5ddc749c01b70d37a9493d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 51PVSJmk69CTLsdohL8915wFPt3ROPsP
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Fy-TYo0iLHadWBWQrV9LgNvKGXygzLd79EEf7VqqNaeFoslXTI7s5w==

GET
H2 200 35.cfdb5c47.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 107 KB
34 KB 29ms
27ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/35.cfdb5c47.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

84481c66973dbcfaad9597e7109d4f2039bcddd5c734429bff4174fdcde5a0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:19:07 GMT
content-encoding: gzip
age: 297808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"c32754b3254617ea5f88500d61f4bbe8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: fc_g.7YiGZPDN9.T0qtjUXORfLw1QpXW
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 1ZBhyRV28YTk3owLtzjJ_zY8MZrsTAFcyEjxumU8GRqfKOTmvz2NJw==

GET
H2 200 28.e0c4d629.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 27 KB
9 KB 29ms
27ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/28.e0c4d629.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

972c94e24cd810cd05f2a2b3510f400edeb373d5a8355089d43ef3e4f650886e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"3802732ea37a219e3ac3b567476c8533"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: iU8UwuO7fkHHrR294dEV_E0hCv_RzwjJ
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: B1OoI2RKMUjgpeS6b1TpB8U2IH6xG6BUXuLbP_LFSBRnAeo8UrdCbw==

GET
H2 200 32.71167ac0.chunk.css
js.driftt.com/core/assets/css/ Frame 6E5F 1 KB
1 KB 24ms
23ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/32.71167ac0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"7362dc7cbde5becc44253ec6d0061465"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DZvba4KR5xrPx4nMdtAa3vElmrzSYCNc
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: U3ozTrDiNjMK3kN9fR68ikyE0MaJ9vLxq1pIX8eKr-W6RQJPEC36gw==

GET
H2 200 32.1443b30a.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 5 KB
2 KB 29ms
28ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/32.1443b30a.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

da5be0996d98c4143d3ff55682a814a3fd0addefb010e90b9018533307569d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"8c489b40cbb0789d4be7c4a2d19e7ed7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 9szKmtmHj777DJWtoyr9sC1oTQvGWDAo
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 14-9rsUmcLM2pLH-rbCtXEeHK2XCOa40mQPmkziudqAqF8LimzN0Nw==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame 4350 7 KB
3 KB 88ms
38ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 00:02:35 GMT
Content-Encoding: gzip
Age: 15758
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 2601
X-Served-By: cache-lga21965-LGA, cache-hhn4047-HHN
Access-Control-Allow-Origin: *
Last-Modified: Thu, 14 May 2020 21:04:36 GMT
Server: nginx/1.13.10
X-Timer: S1620086555.272809,VS0,VE0
ETag: W/"5ebdb264-1cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Dec 2020 19:35:03 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 4626

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 0F0D 2 KB
2 KB 72ms
15ms Document
text/html 2606:4700:3039::6815:c056
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/xuxyim2w.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c056 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gonser.ch/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gonser.ch/

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
content-type: text/html
set-cookie: __cfduid=d070a1fc4f17681edb912ad309bbde6bc1620086555; expires=Thu, 03-Jun-21 00:02:35 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Tue, 04 May 2021 01:02:35 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 961600
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 09d6481aad000031403a0cb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PWvpon%2Fk4Sv4wSrGNE1hC9nhMEljgo5wVq%2Ffd17AMSSbcPwNV7lW1DCyHDDvHd1trWZNCKpTrVwsKigXzCDdB8qRnQ9GIcitUlxnAJEGDoU1DfkZ"}]}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 649d760aace03140-FRA
content-encoding: br

GET
H/1.1 200
OK rt.php Show response
www.usemax.de/ Frame 9D8B 232 B
812 B 163ms
45ms Script
application/javascript 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemax.de/rt.php?campaign_id=49594&place=&product_id=&category_id=&tp=1&gdpr=0&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: 1c5e0d6a65087044ff1aeed54e598fc04d3f725265b89e84798e9ef1db98171c

Request headers

Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 00:02:35 GMT
Content-Encoding: gzip
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Vary: Accept-Encoding
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Connection: Keep-Alive
Content-Type: application/javascript
Keep-Alive: timeout=3, max=70
Content-Length: 198

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 9D8B
Redirect Chain

https://secure.adnxs.com/seg?add=24823586&t=2&gdpr=0&gdpr_consent=
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24823586%26t%3D2%26gdpr%3D0%26gdpr_consent%3D

43 B
1 KB

29ms
26ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24823586%26t%3D2%26gdpr%3D0%26gdpr_consent%3D

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 00:02:35 GMT
X-Proxy-Origin: 37.120.137.4; 37.120.137.4; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid: 23a4a51e-c879-49f6-854b-5eb24efadef6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 00:02:35 GMT
X-Proxy-Origin: 37.120.137.4; 37.120.137.4; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.110:80
AN-X-Request-Uuid: 308fe85b-b0f6-4da0-a88d-b4029db48491
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D24823586%26t%3D2%26gdpr%3D0%26gdpr_consent%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 9D8B 70 B
261 B 153ms
39ms Image
image/gif 34.255.138.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=4m1sxse&ct=0:neqwpmy&fmt=4&gdpr=0&gdpr_consent=
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.138.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-138-57.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ Frame 7634 597 B
1 KB 119ms
39ms Script
text/javascript 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=1472281&mt_adid=236480&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=&mt_nsync=1
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master zrh-pixel-x2 /
Resource Hash: a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 00:02:35 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x2
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Tue, 04 May 2021 00:02:34 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ Frame 7634
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
29 KB

56ms
50ms

Script
application/x-javascript

37.157.6.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e900793533d5a24861457658acd88eefaf284309e5e5f8a049b9468af341abf2

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 08:03:06 GMT
server: nginx
etag: W/"6076a1ba-13f40"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 04 May 2021 00:02:35 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3-29

200

activityi;dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817 Show response
5994599.fls.doubleclick.net/ Frame A599
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817?

503 B
415 B

82ms
41ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817?

Requested by

Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

884d21267e4501ada62d76baf8e95e05e2ce84de495ced536ce46eb7044b68fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5994599.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hal9000.redintelligence.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hal9000.redintelligence.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 00:02:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 390
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 00:17:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 00:02:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 17 KB
6 KB 21ms
19ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 02:34:41 GMT
content-encoding: gzip
age: 6989274
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 11 Feb 2021 15:02:23 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: meASu2JEFoyVpwOxkLJiMpQwEpCiiXJl
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: mnhZt7xBeHZs51bI0sLPqvic4_GsRrYMI1xWIrEuewTMAD6vJHTRzQ==

GET
H2 200 33.e776e5b0.chunk.css
js.driftt.com/core/assets/css/ Frame EAAB 6 KB
1 KB 20ms
20ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/33.e776e5b0.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"9f36443a9402e1e03bf8070ddc88b8db"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: KGLpEbzDUJECLa.dPnGsWLXLQnFKU.qP
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: uBPt0ZhPu27I5BNWAtUm-HnCJ4NUuCnO5U-A4MZ_W-1qmb9AffgVoA==

GET
H2 200 33.94f6fafc.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 2 KB
2 KB 20ms
20ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/33.94f6fafc.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a530f18a3872bed929f7723682c3b1a67d302308741586dea8e73d756d85fb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"674f6cfb7acbf1f937711877f406db2a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: hrxaGGmeYSGn4fq7yLkHzgC8VF8A.WkN
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: pLoiT2afIerNN5kJ3XoasQxVEoXLtmpeIH6ZuKzv9nhiKprEDtocmA==

GET
H2 200 0.45eb4005.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 17 KB
6 KB 27ms
27ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/0.45eb4005.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 02:34:41 GMT
content-encoding: gzip
age: 6989274
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 11 Feb 2021 15:02:23 GMT
server: nginx
etag: W/"7e689afacd5eb298702f393c9c2f70f8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: meASu2JEFoyVpwOxkLJiMpQwEpCiiXJl
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: u2k9wMeDg6DRXDNgO_6R9GdHiiVUIGh5CkqV2KhYhSL-Nrjd4cXotA==

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 68 KB
20 KB 27ms
22ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:42:28 GMT
content-encoding: gzip
age: 7510807
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:44 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kErXw93froxamEp2BnqkXpG57uNk3Qr1
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: fNlsA8R6WNOYZC0oqAHXAFmz_vEVGMPnC8AJwXkyk_kFhlfARxqhew==

GET
H2 200 29.b06f0d40.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 41 KB
12 KB 28ms
23ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/29.b06f0d40.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ab80dc8754fc12f26b3cc534416c13d7b67f5d4f04920a51751cff3ea93337b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 06:56:50 GMT
content-encoding: gzip
age: 752745
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:42 GMT
server: nginx
etag: W/"48c3cbd35a44b12a55e9ba457118d915"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: DZ9x93HC6K73r49dCbbZpbg7aKAynIIk
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xk069SKoflXLma_TumK3ncHL0bG_sjySxjXeP5E5UhUbMGRk_Mfr3Q==

GET
H2 200 2.939f0edf.chunk.css
js.driftt.com/core/assets/css/ Frame 6E5F 2 KB
1 KB 24ms
22ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.939f0edf.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 20:57:30 GMT
content-encoding: gzip
age: 1825505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Apr 2021 20:26:11 GMT
server: nginx
etag: W/"49bde0a5fadb142d912e44161f3d4f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p2qzrGMMOVmOLdOpPjnIg0_GlZv9CXZr
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: lEvrZujsUH5KmnvmMHhY0sZK3C3I9RJzZ3knVcE8pqryZY8W9s4LkA==

GET
H2 200 2.4cd53141.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 33 KB
11 KB 28ms
26ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.4cd53141.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7b9be083609cdb03285eae8d967c4b7f0c91f9056049335e5fd5aa26b6afa0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 283766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:27 GMT
server: nginx
etag: W/"ac28ebd37a2821d11d55291ec77f7893"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Nq.bZfZwqxc3pr2BF44uerpZjwt2F_Ei
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: nge-nlPhKQlUkP-bA7qgm-YwLtqgdxnU4gcD_-b83MAaKiSpiqfx3g==

GET
H2 200 27.02e62d23.chunk.css
js.driftt.com/core/assets/css/ Frame 6E5F 8 KB
2 KB 24ms
23ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/27.02e62d23.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:02 GMT
content-encoding: gzip
age: 295713
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"4a7ea3158114815c3ce4a439e64bb20f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: mQrumdy7biVwQR1YnMnJxX26TKzC8eK0
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: eWFFuw8fqHZ7UHzMw1em30pNqkeqif1y5SyEo5bHTMyTRxBBrGjj3w==

GET
H2 200 27.b97642a7.chunk.js Show response
js.driftt.com/core/assets/js/ Frame 6E5F 64 KB
18 KB 38ms
23ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/27.b97642a7.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9062e8f330834ebd0beec454ca50a7256f2438b8d9480aaa3a586f591a61fac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core?embedId=58w5cewy4kt2&forceShow=false&skipCampaigns=false&sessionId=081687fa-03b2-4c86-b3a1-e1d5b2a6beae&sessionStarted=1620086554&campaignRefreshToken=a6c1b15c-f907-4e25-ada8-1e2c547d4d4e&hideController=false&pageLoadStartTime=1620086550828&mode=CHAT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:06 GMT
server: nginx
etag: W/"5dd8c58fe0a1dfe65411d76dce2adf06"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: 6msneJ_UwCCT_TUaFRU0D2QbeH_POHar
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ED1-f7jT2WNvrv-Ztee4RI4zzfzJSE7W_lsLPDcPHFzVqifu6Ka3zA==

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame 4350 42 B
349 B 88ms
25ms Image
image/gif 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=LandingPage&pi=723d7929-7096-474f-8687-5dbfeca03f13&it=1620086555363&v=0.0.15&u=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate&st=1620086555362&et=1620086555363&if=1
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 00:02:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 37.120.137.4; 37.120.137.4; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 10.13.70.77:80
Content-Length: 42
Content-Type: image/gif

GET
H2 200 1.0af467a5.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 68 KB
20 KB 39ms
25ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/1.0af467a5.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Feb 2021 01:42:28 GMT
content-encoding: gzip
age: 7510807
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 05 Feb 2021 20:58:44 GMT
server: nginx
etag: W/"aedd244e100709f43b70a84bb3945ca6"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: kErXw93froxamEp2BnqkXpG57uNk3Qr1
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: VirTqr5F5atAuVZqvOL6lSajrW_GoC0jB3g6ozE5f5UzV1Walr4zWw==

GET
H2 200 7.07aa08a5.chunk.css
js.driftt.com/core/assets/css/ Frame EAAB 7 KB
2 KB 35ms
23ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/7.07aa08a5.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:09 GMT
server: nginx
etag: W/"189aeffd571884559dababa22c66d75a"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: qRE432HVQ7Y1w.s9lcCBDT5jZX9YXsTD
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: F-8yMl5FUW-L_j2TGOp90wicoFQkZx2rzAW3zC8NlR1ZQeAC6EJv0A==

GET
H2 200 7.d2b06f0f.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 38 KB
13 KB 35ms
25ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/7.d2b06f0f.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a700f71fb1bb8fbba02eb3a6e70c73441e24337c4521bacc1c4e2b97d7b191a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:12 GMT
server: nginx
etag: W/"d22fa8dd9fdbdcdde74443bcd7a64fa3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: xnIs15mgedQOb8VhFDNVv2E4rRhqKdBF
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: HiaODMnzs0IuXXykx3vCckDiuME0gSzMm_tCzfWvb7CWHOXzh3Erjg==

GET
H2 200 4.83e6fbb0.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 50 KB
14 KB 45ms
35ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/4.83e6fbb0.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

773e03ac001d0d50aa313e801d59d2acb8e8740d969a218e004effc8f1334ef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 20:57:30 GMT
content-encoding: gzip
age: 1825505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Apr 2021 20:26:14 GMT
server: nginx
etag: W/"1055d5233f397035f9106d9c6067332c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: VEA2c_RsciIuDC7GppXra6t044BndYBr
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: P4wAl2fApGPUMFH6-adnx12JTfID8cZZ8UeY7X-4jcP_DPUU3nVFfg==

GET
H2 200 2.939f0edf.chunk.css
js.driftt.com/core/assets/css/ Frame EAAB 2 KB
1 KB 32ms
24ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/2.939f0edf.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 20:57:30 GMT
content-encoding: gzip
age: 1825505
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 12 Apr 2021 20:26:11 GMT
server: nginx
etag: W/"49bde0a5fadb142d912e44161f3d4f36"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: p2qzrGMMOVmOLdOpPjnIg0_GlZv9CXZr
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: EgImwNwum0G0cBEKQ_uS5v2ouZ1Jm-eBwEimPb_RdYGZUypP5IZldA==

GET
H2 200 2.4cd53141.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 33 KB
11 KB 45ms
36ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/2.4cd53141.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7b9be083609cdb03285eae8d967c4b7f0c91f9056049335e5fd5aa26b6afa0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 17:13:09 GMT
content-encoding: gzip
age: 283766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 15:32:27 GMT
server: nginx
etag: W/"ac28ebd37a2821d11d55291ec77f7893"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Nq.bZfZwqxc3pr2BF44uerpZjwt2F_Ei
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: D0leEPYyGtVdyTO8yi-d3Sua5sZ1nyHqsVsgnZSBCGLg_RR4-OYGyw==

GET
H2 200 8.be5de6bd.chunk.css
js.driftt.com/core/assets/css/ Frame EAAB 11 KB
3 KB 32ms
24ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/8.be5de6bd.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c8adaf3188585a5b34f8888433375deca3246c299c1c10b46bc804641bd55ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:09 GMT
server: nginx
etag: W/"9dfbe8830427f45dc3297497130b7b2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: RfAWXJwSBOjm4EZfS4bYmkx2z25QfMeE
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: cj-fmBvCZIoByWHXXzZPnbzQZjIC5xagqzGQehu4zb6cCkeufRXkNQ==

GET
H2 200 8.738583b1.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 16 KB
6 KB 28ms
19ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/8.738583b1.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8fa7e02441ac12b38e71dbcd72a60015e83a4b650962350fdce37bab18cf454f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:07 GMT
server: nginx
etag: W/"62635289f26869c6f433cf9c33b54daa"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: UZwpbspXWATVXRo4WR0hQ_JLQq68Izby
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 7HlG9m8V3RhNYWsWqrfVEeyS9xAoPXrqUYnSj_4zlhOl9rKOPgx2NA==

GET
H2 200 6.f255bf33.chunk.css
js.driftt.com/core/assets/css/ Frame EAAB 6 KB
2 KB 31ms
24ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/6.f255bf33.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

067a3f3a6d50349a650f9df58b4c118f0ca0a2136ee24163742dea4625b85cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:09 GMT
server: nginx
etag: W/"8c7c720f617083d90026fa60c98b5a13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: .0qSGYhTLsrPAYlXNyZpWRV8EvNOCuB_
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Du8laaT5b3u0zX6xCoDpOaT_IgJDVqDAI4RhUJ_cSRPtpPkaE5ijVw==

GET
H2 200 6.d3be9570.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 14 KB
6 KB 30ms
21ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/6.d3be9570.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

69b51ce5274738bb3e7a3462b821870ff6fdab7ed0181213356b7a789f3483ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:12 GMT
server: nginx
etag: W/"328a6e8dee518c8853e3eaecedf73870"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: Ojdv32iQx.BHoP1Fx6z2J_UkuDpcU40s
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: rv0EMjqCKDWPA70uhHoyXTV8yf3hmaFa6K8yLb1mSp3pu1suCZtzdQ==

GET
H2 200 3.0ea1fc6e.chunk.css
js.driftt.com/core/assets/css/ Frame EAAB 34 KB
6 KB 31ms
24ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/3.0ea1fc6e.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

82a557180fc468bdfc051140172475ed640c424fd73a78f27211c8ce949b5134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"7c265a43e77a50dc1332a0ea224ce907"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: a5_O7eOu8Ol.QJzqIQ_iJcSYdMoZvBIz
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 0bQM8E7jxkk2j3qTqZD_xQtvWUfNF5_S9OtsrAoGc2xADuEi93obSw==

GET
H2 200 3.33a568c9.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 65 KB
20 KB 29ms
25ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/3.33a568c9.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

270212e65cb4c2ddde71885f54f0d8d1ef1e5812335c26d2f1fcf27effe61242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:06 GMT
server: nginx
etag: W/"1ab0515b02e3b79fe13ba04ed2ac5f9b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: D16jNdLsGrs9qi2_ALYJr.xBULX1QCmp
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4CxkDU8FmQvSGJD59tFGW5lQEH85KxRtLOI9qM674ZKPqMd-AL93VQ==

GET
H2 200 5.f24fcd30.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 17 KB
7 KB 30ms
25ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/5.f24fcd30.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ef403c6c759d482925f23c6f42e164d0d615d0b0f6fde37d8aeaf92c63833e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:07 GMT
server: nginx
etag: W/"15ad3f8329820418cf516a77de765986"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: cJhsqkwB0JAPsqWBG3GbHsQdiK_9lG8.
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: gsAaue5rJKEjvmFxfEeHOvk9NLf9Oa5mGE-TCuXCTni2roAXR4wbOA==

GET
H2 200 25.0f3076d4.chunk.css
js.driftt.com/core/assets/css/ Frame EAAB 16 KB
3 KB 31ms
25ms Stylesheet
text/css 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/css/25.0f3076d4.chunk.css

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6a937cac6c1f73afedba2ff302d69c69560b9413ab327158718fd76bdc66a669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:03 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:08 GMT
server: nginx
etag: W/"d668c40d88e269f4226308e1d0dac5b2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: NdcDF_vbGtotEEQVPrIyw1H7r8._J1KG
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: text/css
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: Xn1_3xGbjBk0GAjeArpFSSX4aw-0jv5_5M8hakEinS8BLIqlFrKSNw==

GET
H2 200 25.1eac91ab.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 21 KB
7 KB 31ms
26ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/25.1eac91ab.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

302e1a06cf45cb9dc221eee6eb8a619a6af3820e7918f1e4bf50f091954526f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 15:03:50 GMT
content-encoding: gzip
age: 291525
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 14:00:06 GMT
server: nginx
etag: W/"c32d5afe0a9036a95fb759026e8c7dbc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: K9Kdej32FiwvEQIDR4Oa4gZqmCF5CwtR
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: y8My4pjEqUqExQxaWBVhWFHrFt_Om8x8IvSD-oM3qI0dqSLVENCtVw==

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/ Frame 4350
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=15437715780&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.searchfor.org%2F&ADFtpmode=2&loc=...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=15437715780&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.searchfor.org%2F&ADFtpmode=2...

104 B
586 B

38ms
37ms

Script
text/javascript

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=15437715780&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.searchfor.org%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fc1228b3caba9cc6d5a2169399a3d14838abc607f24b3d07f5ed080b60a62ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 179
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=1966228&ADFPageName=Home&ADFdivider=%7C&ord=15437715780&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.searchfor.org%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 1B94 1 KB
1 KB 69ms
16ms Document
text/html 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/xuxyim2w.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gonser.ch/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gonser.ch/

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
content-type: text/html
set-cookie: __cfduid=d553169da68e2f52a24fe68b04e7a0aa51620086555; expires=Thu, 03-Jun-21 00:02:35 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 3455
cf-request-id: 09d6481b9200004a73d204d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MeIoLrUYPouTK7wP6A0cOspG%2FAG1qqyW1jnz%2FpnHlS7xEd6j82xwQ%2F%2F3o0XRyXo%2B0AoJsu3V5dJ5vT5dMXy%2FZRnUkyNOgX5ItgC%2FMQxGuJmtdamxn8cW"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 649d760c183d4a73-FRA
content-encoding: br

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 7634 43 B
479 B 80ms
44ms Image
image/gif 104.79.88.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/retarget?a=11571&version=1&gdpr=0&gdpr_consent=&redirected=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.88.164 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-88-164.deploy.static.akamaitechnologies.com
Software: MT3 3709 11aaa92 master zrh-pixel-x4 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 00:02:35 GMT
Server: MT3 3709 11aaa92 master zrh-pixel-x4
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 00:02:34 GMT

GET
H2 200 / Show response
track.adform.net/Serving/TrackPoint/ Frame 7634 111 B
592 B 61ms
42ms Script
text/javascript 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?pm=668760&ADFPageName=ADF%20I%20Japix&ADFdivider=%7C&ord=208582067539&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fwww.gonser.ch%2F&ADFtpmode=2&loc=https%3A%2F%2Fhal9000.redintelligence.net%2Fretarget%3Fa%3D11571%26version%3D1%26gdpr%3D0%26gdpr_consent%3D%26redirected%3D1

Requested by

Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hal9000.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 186
expires: -1

GET
H/1.1 200
OK Cookie set rt.php Show response
www.usemaxserver.de/ Frame 69F3 0
564 B 116ms
29ms Document
text/html 212.48.120.130
ARTFILES-AS Artfi...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.usemaxserver.de/rt.php?ext_i=4866577946&ext_domain=1
Requested by: Host: www.usemax.de
URL: https://www.usemax.de/rt.php?campaign_id=49594&place=&product_id=&category_id=&tp=1&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.48.120.130 Hamburg, Germany, ASN8893 (ARTFILES-AS Artfiles New Media GmbH, DE),
Reverse DNS: lb.usemaxserver.de
Software: Apache/2.4.25 (Debian) / PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: www.usemaxserver.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ad.ad-srv.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.ad-srv.net/

Response headers

Date: Tue, 04 May 2021 00:02:35 GMT
Server: Apache/2.4.25 (Debian)
X-Powered-By: PHP/5.6.40-47+0~20210227.51+debian9~1.gbpd522a2
P3P: CP="NOI DEVa TAIa OUR BUS UNI"
Set-Cookie: um_rt=4866577946; expires=Wed, 04-May-2022 00:02:35 GMT; Max-Age=31536000; path=/; SameSite=None; domain=usemaxserver.de; secure ident_v=1; expires=Wed, 04-May-2022 00:02:35 GMT; Max-Age=31536000; path=/; SameSite=None; domain=usemaxserver.de; secure
Content-Length: 0
Keep-Alive: timeout=3, max=70
Connection: Keep-Alive
Content-Type: text/html

GET
H3-29

200

src=9949552;dc_pre=CJy2md3crvACFQ_7sgodz0YP-A;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=3149783219420.61
adservice.google.com/ddm/fls/z/ Frame 9D8B
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9949552;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=3149783219420.61?
https://ad.doubleclick.net/ddm/activity/src=9949552;dc_pre=CJy2md3crvACFQ_7sgodz0YP-A;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord...
https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CJy2md3crvACFQ_7sgodz0YP-A;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=...

42 B
63 B

34ms
20ms

Image
image/gif

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CJy2md3crvACFQ_7sgodz0YP-A;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=3149783219420.61

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9949552;dc_pre=CJy2md3crvACFQ_7sgodz0YP-A;type=invmedia;cat=tp3600;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=3149783219420.61
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968 Show response
4780959.fls.doubleclick.net/ Frame 1180
Redirect Chain

https://4780959.fls.doubleclick.net/activityi;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968?
https://4780959.fls.doubleclick.net/activityi;dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_cons...

424 B
366 B

40ms
39ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4780959.fls.doubleclick.net/activityi;dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968?

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/retarget?a=43480&version=1&gdpr=0&gdpr_consent=&redirected=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

fa4c038d956360db4c2d8d590bd504b82dedcfd48f481c484acb83b5508dca0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4780959.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.ad-srv.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.ad-srv.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 00:02:35 GMT
expires: Tue, 04 May 2021 00:02:35 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 341
x-xss-protection: 0
set-cookie: IDE=AHWqTUliMQ-fQF8gywhWKz2v8ko_9nSP0qDQfyMH0xUcmi84SdeY2X2RgjErnEomi6I; expires=Thu, 04-May-2023 00:02:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 00:02:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://4780959.fls.doubleclick.net/activityi;dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal900... Frame A738 502 B
483 B 44ms
17ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal9000.redintelligence.net/

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca1fc239abec2c26ba5f92b6232dc811f60ad7ddf64a9afcfb5acdc07fee7f2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal9000.redintelligence.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5994599.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5994599.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 00:02:35 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 390
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

gdpr=0;dc_pre=CIq2n93crvACFaBGkQUdfYUAIw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1
adservice.google.com/ddm/fls/z/ Frame 4350
Redirect Chain

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1?
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CIq2n93crvACFaBGkQUdfYUAIw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1?
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CIq2n93crvACFaBGkQUdfYUAIw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1

42 B
63 B

16ms
16ms

Image
image/gif

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CIq2n93crvACFaBGkQUdfYUAIw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CIq2n93crvACFaBGkQUdfYUAIw;gdpr_consent=;src=4755627;type=invmedia;cat=35is1ob8;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

gdpr=0;dc_pre=CL28n93crvACFZXhsgoduLsGfA;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Frame 4350
Redirect Chain

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CL28n93crvACFZXhsgoduLsGfA;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CL28n93crvACFZXhsgoduLsGfA;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
63 B

22ms
21ms

Image
image/gif

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CL28n93crvACFZXhsgoduLsGfA;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CL28n93crvACFZXhsgoduLsGfA;gdpr_consent=;src=4755627;type=invmedia;cat=ch-rt0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 dst
as.ad4m.at/ad/ Frame 4350 0
581 B 28ms
24ms Image
text/plain 2606:4700:3039::6815:c056
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dst?a=2434&b=2&c=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&e=27091&f=&g=&h=&i=&z=0&y=1&d=https%3A%2F%2Fwww.gonser.ch%2F%3Flea_source%3D202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009%26utm_source%3DAdgoal.net%26utm_medium%3Daffiliate

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c056 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-request-id: 09d6481bfd00002bf21610c000000001
cf-ray: 649d760ccf182bf2-FRA
expires: 0

GET
H3-29

200

gdpr=0;dc_pre=CNrQn93crvACFZWBsgodWRUPIg;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Frame 4350
Redirect Chain

https://ad.doubleclick.net/ddm/activity/gdpr=0;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/gdpr=0;dc_pre=CNrQn93crvACFZWBsgodWRUPIg;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CNrQn93crvACFZWBsgodWRUPIg;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
63 B

22ms
21ms

Image
image/gif

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CNrQn93crvACFZWBsgodWRUPIg;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/gdpr=0;dc_pre=CNrQn93crvACFZWBsgodWRUPIg;gdpr_consent=;src=4362962;type=invmedia;cat=ch-re0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968
adservice.google.com/ddm/fls/z/ Frame 1180 42 B
498 B 24ms
16ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968

Requested by

Host: 4780959.fls.doubleclick.net
URL: https://4780959.fls.doubleclick.net/activityi;dc_pre=CKb3mN3crvACFU2i3godx30HIw;src=4780959;type=invmedia;cat=ws9plkjz;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=0;gdpr_consent=;ord=1627907087134.6968?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4780959.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK v2
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 0
0 456ms
113ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift6885d4a430981d7ef57c9af33e1
content-length: 13
x-envoy-upstream-service-time: 0
server: istio-envoy

GET
H2 200 css
fonts.googleapis.com/ Frame 6E5F 4 KB
739 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.4cd53141.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 23:36:14 GMT
server: ESF
date: Tue, 04 May 2021 00:02:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 00:02:35 GMT

POST
H/1.1 200
OK v2 Show response
metrics.api.drift.com/monitoring/metrics/widget/init/ Frame 6E5F 25 B
697 B 123ms
122ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/widget/init/v2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
server: istio-envoy
requestid: 186addcda4cf0b1f
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 11
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

GET
H2

200

google_sync_status
x.bidswitch.net/ Frame 4350
Redirect Chain

https://r.adserver01.de/rt/perf_ch.php?gdpr=0&gdpr_consent=
https://ads.creative-serving.com/pixel?id=3158229
https://ads.creative-serving.com/ul_cb/pixel?id=3158229
https://x.bidswitch.net/sync?dsp_id=4&user_id=b74c6d08-c915-42dd-991d-83d73e2b5215&ssp=&expires=30&user_group=2&cb=209
https://x.bidswitch.net/ul_cb/sync?dsp_id=4&user_id=b74c6d08-c915-42dd-991d-83d73e2b5215&ssp=&expires=30&user_group=2&cb=209
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=oMPmwAHlQFO1kANt9CNA5A==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHoi_kNjHfU0ZcUDP3BkcXA&google_cver=1

43 B
145 B

21ms
20ms

Image
image/gif

18.195.54.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHoi_kNjHfU0ZcUDP3BkcXA&google_cver=1
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.54.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 04 May 2021 00:02:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEHoi_kNjHfU0ZcUDP3BkcXA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

1x1.gif
imagesrv.adition.com/ Frame 4350
Redirect Chain

https://ad11.adfarm1.adition.com/tagging?type=image&network=42&tag[Markierung_T2.AdvancedStore_RetargetingPixel]=ASRET2
https://imagesrv.adition.com/1x1.gif

68 B
289 B

91ms
21ms

Image
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 04 May 2021 00:02:35 GMT
Last-Modified: Fri, 24 Jul 2009 13:46:10 GMT
Accept-Ranges: bytes
ETag: "4251594642"
Content-Length: 68
Content-Type: image/gif

Redirect headers

Date: Tue, 04 May 2021 02:02:35 +0200
Server: ADITIONSERVER v1.0
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
P3P: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://imagesrv.adition.com/1x1.gif
Connection: keep-alive
Content-Type: text/plain

GET
H/1.1

200
OK

bh.gif
saxp.zedo.com/img/ Frame 4350
Redirect Chain

https://secure.converto.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1
https://saxp.zedo.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1

43 B
983 B

780ms
176ms

Image
image/gif

54.153.123.185
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saxp.zedo.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.153.123.185 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Zedo4G /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 00:02:36 GMT
Server: Zedo4G
Vary: Accept-Encoding
P3P: CP="NOI DSP COR CURa ADMa DEVa PSDa OUR BUS UNI COM NAV OTC", policyref="/w3c/p3p.xml"
transfer-encoding: chunked
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://saxp.zedo.com/img/bh.gif?n=3365&g=20&a=443&s=1&l=1&t=i&f=1
Date: Mon, 03 May 2021 23:21:42 GMT
Server: Apache
Connection: keep-alive
Content-Length: 274
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 58w5cewy4kt2.json Show response
embeds.driftcdn.com/embeds/ Frame 6E5F 6 KB
3 KB 79ms
20ms XHR
application/json 99.86.2.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://embeds.driftcdn.com/embeds/58w5cewy4kt2.json
Requested by: Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-80.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb6fbd8251b10829e05c4f00f9bce990379c87093be9bab7ce76eb67bb0ca79f

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 10:33:15 GMT
server: AmazonS3
etag: W/"af76626ab14c2bc9f7a5e140ba5e277f"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control: public, max-age=30
x-amz-cf-id: 1mDKoOLOYBsSHDnmM7XizezRwTmXcwBRqLSGlZZgXL45j5w7kH1abg==

GET
H3-29

200

dpe
ad4m.at/ad/ Frame 4350
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=advs&google_cm&google_sc&a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&c=1
https://dmp.ad4mat.net/pixel?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&c=1&google_gid=CAESEBWuw2Ji-9AIldvaQjekx2c&google_cver=1
https://ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=CAESEBWuw2Ji-9AIldvaQjekx2c&c=1

42 B
1 KB

19ms
19ms

Image
image/gif

2606:4700:3039::6815:c056
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=CAESEBWuw2Ji-9AIldvaQjekx2c&c=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c056 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
surrogate-control: no-store
x-backend-server: adsrv-7d3s
content-length: 42
cf-request-id: 09d6481d730000314021a3a000000001
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: image/gif
x-fastcgi-cache: BYPASS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
cf-ray: 649d760f1bbf3140-FRA
expires: 0

Redirect headers

Location: https://ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=CAESEBWuw2Ji-9AIldvaQjekx2c&c=1
Date: Tue, 04 May 2021 00:02:35 GMT
Server: nginx
Connection: keep-alive
Content-Length: 154
Content-Type: text/html

GET
H3-29

200

dpe
as.ad4m.at/ad/ Frame 4350
Redirect Chain

https://ih.adscale.de/tpui?tpid=25&tpuid=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DAHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH%26b%3D__ADSCALE_USER_ID__%26c%3D6
https://ih.adscale.de/tpui?tpid=25&tpuid=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&cburl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DAHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH%26b%3D__ADSCALE_USER_ID__%26c%3D6&nut&...
https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=609bea3f23e1641c74cacb48a81317da9f8e38ab52019a3bab425ab0f8452e41&c=6

0
705 B

16ms
15ms

Image
text/plain

2606:4700:3039::6815:c056
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=609bea3f23e1641c74cacb48a81317da9f8e38ab52019a3bab425ab0f8452e41&c=6

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c056 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-request-id: 09d6481d0800003140e1054000000001
cf-ray: 649d760e7aca3140-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=609bea3f23e1641c74cacb48a81317da9f8e38ab52019a3bab425ab0f8452e41&c=6
date: Tue, 04 May 2021 00:02:35 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H3-29

200

dpe
as.ad4m.at/ad/ Frame 4350
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?partnerid=132&partneruserid=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DAHecOvb_8Q0ZgfupG...
https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&c=9&b=5683570591374680750

0
705 B

15ms
15ms

Image
text/plain

2606:4700:3039::6815:c056
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&c=9&b=5683570591374680750

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c056 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-request-id: 09d6481cdf00003140d2a27000000001
cf-ray: 649d760e3a633140-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&c=9&b=5683570591374680750
pragma: no-cache
date: Tue, 04 May 2021 00:02:34 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4350
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&C=1

43 B
1019 B

45ms
29ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&C=1
Requested by: Host: www.gonser.ch
URL: https://www.gonser.ch/?lea_source=202105040202302030267091X116625C1843151959BTSat106772_a125186_m1_p25416_t10276_cDE_s4_6088b58e37009&utm_source=Adgoal.net&utm_medium=affiliate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 00:02:35 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 04 May 2021 00:02:35 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 04 May 2021 00:02:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=5&external_user_id=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 294
Expires: Tue, 04 May 2021 00:02:35 GMT

GET
H3-29

200

dpe
as.ad4m.at/ad/ Frame 4350
Redirect Chain

https://a.twiago.com/rtb/usermatch.php?umid=11&userid=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&call_type=redirect&rtbprovider=openrtb&redirecturl=https%3A%2F%2Fas%2Ead4m%2Eat%2Fad%2Fdpe%3Fa%3DAHecOvb_8Q0Zg...
https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=ad2802bd69279dbe32471312ef2a620c5b27e706ee9d1d77a71ae0ae8998d&c=7

0
705 B

23ms
23ms

Image
text/plain

2606:4700:3039::6815:c056
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=ad2802bd69279dbe32471312ef2a620c5b27e706ee9d1d77a71ae0ae8998d&c=7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c056 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gonser.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:02:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-request-id: 09d6481d0700003140bc377000000001
cf-ray: 649d760e7ac73140-FRA
expires: 0

Redirect headers

location: https://as.ad4m.at/ad/dpe?a=AHecOvb_8Q0ZgfupGJXBsn6O12m7f6FH&b=ad2802bd69279dbe32471312ef2a620c5b27e706ee9d1d77a71ae0ae8998d&c=7
date: Tue, 04 May 2021 00:02:35 GMT
server: Apache
connection: close
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal9000... Frame D6B3 194 B
877 B 104ms
79ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal9000.redintelligence.net/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal9000.redintelligence.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CNqKj93crvACFVZp4AodOJ0PBA;src=5994599;type=invmedia;cat=ieqqbrka;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6095591555077.817;~oref=https://hal9000.redintelligence.net/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 04 May 2021 00:02:35 GMT
expires: Tue, 04 May 2021 00:02:35 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H2 200 widget_bootstrap Show response
bootstrap.api.drift.com/ Frame 6E5F 3 KB
2 KB 478ms
251ms XHR
application/json 18.215.11.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bootstrap.api.drift.com/widget_bootstrap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.215.11.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

5dc7a0d79aa42ca2a29dba91d753a581d87ca73d42770091d5d88fd56e808bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
content-encoding: gzip
requestid: 57d5bbeba7f5dc21
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 1401
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H2 200 58w5cewy4kt2
targeting.api.drift.com/hours/availability/combined/ Frame 0
0 341ms
112ms Preflight
text/plain 34.204.215.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/58w5cewy4kt2

Protocol

Server

34.204.215.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-215-213.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: HEAD,GET,OPTIONS
requestid: drift220faaa4642be53cab92a0389c8

GET
H2 200 58w5cewy4kt2 Show response
targeting.api.drift.com/hours/availability/combined/ Frame 6E5F 41 B
484 B 138ms
138ms XHR
application/json 34.204.215.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://targeting.api.drift.com/hours/availability/combined/58w5cewy4kt2

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.215.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-215-213.compute-1.amazonaws.com

Software

Resource Hash

a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5NTI4NTAyMDEwIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTUxNjEwMiIsImV4cCI6MTY1MTYyMjU1NiwiaWF0IjoxNjIwMDg2NTU2fQ.cD4DDSdUwlG3E8JUwxJGzfftnD_kpp7ItR2Aq1s0-OBsfUC4ZA34a55O72fkInehMmNMylxv6Mbd31fKNH0Fvg

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
requestid: 31f46ff51ffa3ff
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 41
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

POST
H2 200 track Show response
event.api.drift.com/ Frame 6E5F 750 B
1 KB 117ms
117ms XHR
application/json 52.0.189.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.189.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

6d394c748b89d8d61b902fc92e3771684ab085e3736b800e6f8ac39a51e926f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5NTI4NTAyMDEwIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTUxNjEwMiIsImV4cCI6MTY1MTYyMjU1NiwiaWF0IjoxNjIwMDg2NTU2fQ.cD4DDSdUwlG3E8JUwxJGzfftnD_kpp7ItR2Aq1s0-OBsfUC4ZA34a55O72fkInehMmNMylxv6Mbd31fKNH0Fvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
requestid: a0fd4af242f0e45b
access-control-max-age: 1209600
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 750

OPTIONS
H2 200 track
event.api.drift.com/ Frame 0
0 332ms
109ms Preflight
text/plain 52.0.189.149
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://event.api.drift.com/track

Protocol

Server

52.0.189.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 00:02:36 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
allow: POST,OPTIONS
requestid: driftca0c7a841469468b27dfeacafd3

GET
H2 200 43.fc7b4d57.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 17 KB
7 KB 21ms
20ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/43.fc7b4d57.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a7843fe2ffcd809673ef29acec5b64d1ac7e93eec31cc637099276c7ad5cb467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 13:54:04 GMT
content-encoding: gzip
age: 295712
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 13:24:11 GMT
server: nginx
etag: W/"2c4db2f0ddd1e36bfd230f1715c73545"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: PoJLiw0.w8iY2wd4Ea3nCjeYck2Lek6G
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: m-aaIWQku926JNiz8F4X7jOednkeHkYpWKReZikVkFPkpWKIbiOczQ==

GET
H2 200 44.a62fd4b8.chunk.js Show response
js.driftt.com/core/assets/js/ Frame EAAB 17 KB
6 KB 20ms
20ms Script
application/javascript 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/assets/js/44.a62fd4b8.chunk.js

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/runtime~main.a5da2889.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

324d01ef7f0060b668eb74ff00816d2daedbe385bb4a9d83ffacd023a51464c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://js.driftt.com/core/chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 13:10:26 GMT
content-encoding: gzip
age: 384730
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
last-modified: Thu, 25 Mar 2021 19:27:43 GMT
server: nginx
etag: W/"975a68568d054bd43cff65c64b196a99"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
x-amz-version-id: GF2od9k.Rlz.mQ8IIJyUY3sxYlADtpc8
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: JIRKrT_pkuJbgEAf-ryLD2WNK7WIfUqs0tRxYfpt1DLpEWquJw6LYw==

GET
H3-29 200 css
fonts.googleapis.com/ Frame EAAB 4 KB
643 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/2.4cd53141.chunk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://js.driftt.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 22:40:02 GMT
server: ESF
date: Tue, 04 May 2021 00:02:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 00:02:36 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ Frame EAAB 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 598319
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 27 Apr 2022 01:50:37 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame EAAB 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans|Open%20Sans:bold&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://js.driftt.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 530518
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 27 Apr 2022 20:40:38 GMT

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/event2/ Frame 6E5F 25 B
697 B 126ms
126ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5NTI4NTAyMDEwIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTUxNjEwMiIsImV4cCI6MTY1MTYyMjU1NiwiaWF0IjoxNjIwMDg2NTU2fQ.cD4DDSdUwlG3E8JUwxJGzfftnD_kpp7ItR2Aq1s0-OBsfUC4ZA34a55O72fkInehMmNMylxv6Mbd31fKNH0Fvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 00:02:37 GMT
server: istio-envoy
requestid: cc3b2fa22f5409aa
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 16
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/event2/ Frame 0
0 113ms
112ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/event2/bulk

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 00:02:37 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drift63be5da4cd9b4c1f1c4abd69c79
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

POST
H/1.1 200
OK bulk Show response
metrics.api.drift.com/monitoring/metrics/add/ Frame 6E5F 25 B
696 B 111ms
111ms XHR
application/json 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/core/assets/js/39.00daf76c.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.driftt.com/
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI5NTI4NTAyMDEwIiwiY2xpZW50SWQiOiJmNnp1aXpkeWh4cm03ciIsInVzZXJJZFR5cGUiOiJMRUFEIiwic2NvcGUiOiJsZWFkIiwiaXNzIjoiMTUxNjEwMiIsImV4cCI6MTY1MTYyMjU1NiwiaWF0IjoxNjIwMDg2NTU2fQ.cD4DDSdUwlG3E8JUwxJGzfftnD_kpp7ItR2Aq1s0-OBsfUC4ZA34a55O72fkInehMmNMylxv6Mbd31fKNH0Fvg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 04 May 2021 00:02:40 GMT
server: istio-envoy
requestid: 7c416d0883510eb9
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1209600
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
content-length: 25
access-control-expose-headers: X-Results-Total-Count,X-Page-Info

OPTIONS
H/1.1 200
OK bulk
metrics.api.drift.com/monitoring/metrics/add/ Frame 0
0 113ms
112ms Preflight
text/plain 3.94.218.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.api.drift.com/monitoring/metrics/add/bulk

Protocol

HTTP/1.1

Server

3.94.218.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://js.driftt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 May 2021 00:02:40 GMT
access-control-allow-origin: *
access-control-allow-headers: origin, content-type, accept, authorization, auth-token, uber-trace-id, x-amzn-oidc-data, x-version
access-control-allow-credentials: true
access-control-expose-headers: X-Results-Total-Count,X-Page-Info
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 1209600
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain
allow: POST,OPTIONS
requestid: drifta3cc980464fb7d01e2866d23412
content-length: 13
x-envoy-upstream-service-time: 1
server: istio-envoy

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.gonser.ch/	1970-01-19 18:01:28	Name: drift_campaign_refresh Value: a6c1b15c-f907-4e25-ada8-1e2c547d4d4e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://js.driftt.com/core/assets/js/24.51b9fb55.chunk.js(Line 1) Message: react-i18next:: You will need to pass in an i18next instance by using initReactI18next

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4780959.fls.doubleclick.net
5994599.fls.doubleclick.net
a.twiago.com
acdn.adnxs.com
ad.ad-srv.net
ad.doubleclick.net
ad11.adfarm1.adition.com
ad4m.at
ad4mat.net
ads.creative-serving.com
adservice.google.com
adservice.google.de
as.ad4m.at
bat.bing.com
bootstrap.api.drift.com
cct.connects.ch
cct.gonser.ch
cdn.findologic.com
cdn.jsdelivr.net
cdn02.plentymarkets.com
cdn10.plentymarkets.com
cdnjs.cloudflare.com
clever-redirect.com
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
dmp.ad4mat.net
dsum-sec.casalemedia.com
embeds.driftcdn.com
event.api.drift.com
fonts.googleapis.com
fonts.gstatic.com
gonser-services.ch
hal9000.redintelligence.net
ib.adnxs.com
ih.adscale.de
imagesrv.adition.com
insight.adsrvr.org
js.driftt.com
kamala-cha.com
metrics.api.drift.com
pixel.mathtag.com
r.adserver01.de
r.lnk8j7.com
rtb-csync.smartadserver.com
s.pinimg.com
s2.adform.net
saxp.zedo.com
secure.adnxs.com
secure.converto.com
static.newsletter2go.com
stats.g.doubleclick.net
targeting.api.drift.com
tc.connects.ch
track.adform.net
tracker.clever-redirect.com
www.capitalonebankcard.com
www.dwin1.com
www.facebook.com
www.gonser.ch
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.lacmp.net
www.searchfor.org
www.smartredirect.de
www.usemax.de
www.usemaxserver.de
x.bidswitch.net
104.75.88.209
104.79.88.164
138.201.63.157
142.250.181.226
142.250.184.230
146.148.21.162
151.101.113.108
151.101.114.109
18.184.22.220
18.193.98.4
18.195.54.133
18.215.11.20
185.86.137.110
195.201.108.174
212.32.237.101
212.48.120.130
212.83.50.108
217.79.188.10
23.218.208.246
2600:9000:2104:2600:f:8ce2:fb80:93a1
2606:4700:20::681a:728
2606:4700:3032::ac43:aa7a
2606:4700:3036::ac43:8065
2606:4700:3039::6815:c056
2606:4700::6810:135e
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9b
2a01:ab20:0:203::52
2a02:6ea0:c700::4
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::84
3.123.78.164
3.123.96.39
3.94.218.138
34.204.215.213
34.255.138.57
37.157.2.236
37.157.6.236
37.252.172.250
52.0.189.149
52.222.183.22
54.153.123.185
54.192.210.60
54.208.107.202
65.9.66.75
65.9.84.90
78.46.197.88
84.200.5.215
85.114.159.112
85.215.5.31
94.130.102.164
99.86.2.80
010cef1e54b072ce90408423f0994e332cccdfbdeb2422e363587896fdda487c
028ebb9e7486ff4dfe159a084de6239ad17b4e9a21ed2816a4a84b73a84d5794
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
067a3f3a6d50349a650f9df58b4c118f0ca0a2136ee24163742dea4625b85cff
09698cbca28bc2f3d73d1f57ac823d2c707082442b068badf5fdd774f3d9b1b5
0a306526fc6a2c25361cccc5ba74de9592c51c225daa00e81e2fea18959d4499
0ca889ef77939a842e23efde134019e4bc994afe490d495e3ae775acb8dd41e4
0fb09ced4ee40ce2d345b5e6b2255ad71f2ee44bb8998598fd94c137e813afec
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1309ba224b27bc03db61a1f96b80571423a4241e03a98502d0f67d05ab440845
1476c101cda6283fbd6a7b4381767b7ecde6d8e1bd871dd43bfba89f1b950a87
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
170c9486f56ff28c3fb7c31c307ab8c7f73b00cf8dc462e0c7c4d9f97f5dd7a7
18fd1575b10125807103f4c1a232cfeaaeedf7baf74a86598ede6bae6d23b828
1a6d2c0675a46c16261ab620e5eda102fdfb5d085391347db3306bf872a90664
1b9fa6b47fe8ff761081243300f6365067cb56367c0ec4ad74314a729d4e1d16
1c5e0d6a65087044ff1aeed54e598fc04d3f725265b89e84798e9ef1db98171c
1d6178ebd3651ac0fbafce375ebf1b7c46e54508c8d0e6c4ff1ffeac73484b4f
2194a482d5318ea04b18c274ec9bfe99a8c71bb9897e802063e7e849557e8d23
222e0f6d902baccd9480e2ca7de53f44ce0f3ab3496b751af15acdf162e55f2a
2296b231b2626e942d6fed4272180dda619828a26eb0de538df08c0598102575
23549c754483396f757217e23f5735d613b4a5b9371c06c7a073e086ff146aa7
23aba1847b53c07cb128214d9f1dc8f477b4f9d46cee8654e82db819c6849692
263d71d257e8ffa6aeed6dcc1a9b6fe88b61d38c13181eb00115ced54d4a918a
270212e65cb4c2ddde71885f54f0d8d1ef1e5812335c26d2f1fcf27effe61242
289f3870dae134cb32ffcdc517a271b108c955ede6ade89835f4e6fb5aaf93d0
2a5715197eb96bb39f8f4efe44343adb47b1fdaab45e7da970d1afa38448ea50
2bbd412bfc6e2aefaee5cf0648ad34e5ae55f21b7baec795169ad9d1a5361883
2bf0b536a769d3b2f41deba6a8f8f9886418682e9f05e5a9a6d4e8663a10355c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d52d642dbd9ecfbefd4da4ec8d937484ec2e655923912909d872c51ed7cadd2
2ff0301ee0a7740af6130069310f3dadd270e5f6a16acb16ca207ceb01fd6bbf
302e1a06cf45cb9dc221eee6eb8a619a6af3820e7918f1e4bf50f091954526f5
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
324d01ef7f0060b668eb74ff00816d2daedbe385bb4a9d83ffacd023a51464c3
337c5824e8502220398b84ba82ac409c2139beba4083b7f9d430911f6038b69f
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37f5811ee6b17fb6568094cf17ad70e8847616ce0c42da9709df94e06595f603
3883ff2a5b46193da5464f5ae5fb94169d1361cfecedbd187439d459dc669f31
3910eae42f5a2e3145fe4d8fefe19303938774c6d5113be75f4f1410bde0b60b
3a20d7d126f2764f575487ba49d6a3446cafb5225520bb36cd8d463dd33fdf3a
3a5cb6f839139172961a3d35b3203f85f6ce4d1e4b96c95825fc1cd870430880
3a831b2949d080b9ab402c2c968b99590a24b0bc2177c3de548bb318bd96689d
3f27849fbcb7ec27f0e71094e146f71be03c431f73a8c9c021a4462a39df5a22
475dbccf84ca50f8d13df95ef5a85c58198fd65fefa481850453de7feb2d4bb2
483f498432e2432f9878924f6103c26d3ecf1a71a973ced38d9bec843cfe0297
48a9635c90c2e857397074cc488f2ed173ea7b0084a32f827c3cabee958b8e88
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b96fcdb0d9e90f7527b30c33c4259e8a83595f0cf73d7224df7b6e362c82af6
4f4ab87946162884af2a2fc74e126b9ac2f3e6553212104d1938528bd3dc1d0e
5141d75e689daebfcb48d486032ea2797c1f16f4b2a27f3d3b1cd891c53818c1
5400169421a0312cc19dc21b4731bed89851dcbeb98c73e92cabb3af4c3dfbf5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57809464d54046b0288d0dd158529b275867d4bb425cf385696241bc955bff0b
5812928833975e41704a340bb60dcd4b3aef43bf9da8b1c758e9b0ff4a7a582d
5d510ae375fa0e1b84c32d26bb09026a48adc492fe41a0392ecc1cdad751d3d7
5dc7a0d79aa42ca2a29dba91d753a581d87ca73d42770091d5d88fd56e808bb7
5dd1a8e941b7a5151b30e3dd535abc7ab4c9e25ca0d15e419dd2ada5a81d2bcf
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
6147eb27f1262940ab9b1b603aa7b36d1987a76bc949de41d39226c9da67cede
62b33c7813e7ad094f92e3917fa81aff0546a584602763b43ce4bcd4ea7b46c8
63238449f8169563732e486bbd85aa432a13e68d06be671475d9c33b83f0dd79
65d29e040c59a5e843952c3f0da27028455dc63372440602d129681883891276
6824695692a6ccb50cd16bfce8cbcc2a1c6e6e1adf3578ce9e6b423106414157
69b51ce5274738bb3e7a3462b821870ff6fdab7ed0181213356b7a789f3483ad
6a937cac6c1f73afedba2ff302d69c69560b9413ab327158718fd76bdc66a669
6ac3327f188a75ff18f3a723a4db374fc75716467e90d552b9943d3cad40cff5
6bad27d578e5780e745238f567a9e6722581165379fe9247ac1c72dfa5f6fd38
6d394c748b89d8d61b902fc92e3771684ab085e3736b800e6f8ac39a51e926f6
71d2875f860e7f7cff2d62b30a7a85bb3c7f84e68cff66399c0e27c182c78454
7416d49df67c5369a0eea9639bfe455a4233a81964fde164c04d25271d3aabc7
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
773e03ac001d0d50aa313e801d59d2acb8e8740d969a218e004effc8f1334ef0
78fbb3a5eec2541f75ac4d79c190197f4e337da8777f95e17a4a0ed82ea58629
7a07686bad99f9f1570118de341caf346848b3bba2c5f49703c59583f039f181
7b9be083609cdb03285eae8d967c4b7f0c91f9056049335e5fd5aa26b6afa0a8
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e41ca21e421f129d3881e345f990027b66c0ab3c5580e549575f9393d117cbd
7f88a93ff20a8309a18049051f502f298ca7241b433a22b6f86eb67a343bfc0c
814c2610b8322a5e04506726f035caa9ed74eec834af27c2dfc60c94919b28a6
817c7a8de5f73b3bd9358babbbd8f904fa639279f18bc86d320fcfb7fcfa8485
82a557180fc468bdfc051140172475ed640c424fd73a78f27211c8ce949b5134
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84481c66973dbcfaad9597e7109d4f2039bcddd5c734429bff4174fdcde5a0da
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85baa67b6e630a446f4bd1fcd8db03e23268c2f7af7171b3c011a0107b4e5765
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87a2f8365c65b08bc824cecca8cefe071bbb0312957d3842b0557b3dbaed3fff
884d21267e4501ada62d76baf8e95e05e2ce84de495ced536ce46eb7044b68fe
8a1db3cde7ae485c2ba1b417afd72d8d10610ffc7783f19abaaf74db42227dab
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ee5517ab0e70d747f3cf7de5ce07bab4e9553eac8b8b51a1315c743791af92d
8fa7e02441ac12b38e71dbcd72a60015e83a4b650962350fdce37bab18cf454f
9062e8f330834ebd0beec454ca50a7256f2438b8d9480aaa3a586f591a61fac9
972c94e24cd810cd05f2a2b3510f400edeb373d5a8355089d43ef3e4f650886e
9aff01bc783d8594a56120806445b231bf83e9cabd5b293a7ccfa61826a1edd9
9be5d4713a5fd39ef85c55dc9adfdc2faf65081b4a7af2cd7778b9d209029a26
9c17f7641c292d904bc694ca5582287de651a98b873434862099959d0d912ef5
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9cc016821d012dfa8d0addafb149af61c8d0772c1546ab27241fa8bdcb95a279
9d3e183f345640bea2f2fe0ae6688a4696e24a7ba06bb762aa8325d94233cc43
9e8cc5e854a8efec968751ed0cc28419077cdb259cdee4bc2c7c343be561da77
9f968e31e5ff530e8e45203809c0150f78f669305a5edd40bb509cf7df15387d
9f994806adf9626a0928ae332215d4ecd0a6cc4c3675482764c90ffffb68df78
a0774f290781320b1ee451e53e384381cfa827d5c94526856eb4f5f80b3e50e7
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a530f18a3872bed929f7723682c3b1a67d302308741586dea8e73d756d85fb61
a700f71fb1bb8fbba02eb3a6e70c73441e24337c4521bacc1c4e2b97d7b191a9
a7843fe2ffcd809673ef29acec5b64d1ac7e93eec31cc637099276c7ad5cb467
a90e21c46231e20048209952d51a8de790cf605c095023d54a1ac463493ff2c2
a9885038c50d2ae4af29f5089c02051b3c87caccc4d8e42b4fe56208c16478ce
ab80dc8754fc12f26b3cc534416c13d7b67f5d4f04920a51751cff3ea93337b8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b824d2ca37d0850382ef9fc499ef7ddae7cb9ff5e0f4c0a5b0588e8bd1dfe4a6
b89d3e0e1d4a7def18a1802b6425d95a670f6854d6b1a67fcf220004b8fdd071
bafa38e691539928bf93936e48240e22e36c288496ec7bcda16a8b090095bb57
bb6fbd8251b10829e05c4f00f9bce990379c87093be9bab7ce76eb67bb0ca79f
bbb9aec1d8e82301b7ad4ebc4ffce0b3a638d73f0f612383713b24e15bdc10df
bc9a4312d75cfdd9988ce23c743e83536e40c23f09f8e3ed3311093e95409943
bca70781003218de9b40526bf839743abb108642b539b63958e2aea7f3cae0c2
c8adaf3188585a5b34f8888433375deca3246c299c1c10b46bc804641bd55ddd
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca1fc239abec2c26ba5f92b6232dc811f60ad7ddf64a9afcfb5acdc07fee7f2e
cf078d9faa64842b4228004af8bac9181baa732fd0645206c94fa68ecdcb0fc7
cf4d63447718d9709833a01ac215139cf374cee06d8fb4c56c4e2432148bd526
cf691a4716b5aee523570a1e7b654d52b5a6a4cb8a9fb1c2011b429a0dea7ff2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d3322d34e84d3827dc942b20698f825e460f2cb09a03f2b9e4c3f26342240ad1
d3528e4a656c1898832bd0aadf4b7493a6dab833bcf77de82220134cff487105
d411775260d8563a58272ca5581260d0594ff8377e4820e885eac1ffcba4d858
d75c1823f06b25faffc4d8177e4fbad465186322ee07a862adabf1de9f6606ce
da5be0996d98c4143d3ff55682a814a3fd0addefb010e90b9018533307569d76
dd09e3ba26066abe27c4dad57c8e0c8a63fe23a0bc87e63bcab94f25e9096459
df355dc7d56ee94befe907edb2da5f9f680704139d1e0ffbe0c4c19a57166263
e01a31d1eb9be759017e7eb1cca7a856cdb6c73fd2495a3cae6fe24e15f3fef9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7657b3001a9523fb81152df7eb790ac0e7c7a163d06c31c5052b6e1b25ca77d
e900793533d5a24861457658acd88eefaf284309e5e5f8a049b9468af341abf2
ecaef097a49429f00f55336367b45e898f27c6e85801c55cebb6e2f25ad8742e
ed1b3d93b1d4d4e593d7b07fe0e1d8cfd0cdd9410596547c06b1bb5ef9fd628b
ed433190c4325c7a7c86a1ba7a74ef568e98b1fc962392a11dda88df9be15d98
ed56292da2883fe23fa81f64fcedb3c6dff5f09b4f2aed777be50699e7f04ba7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef403c6c759d482925f23c6f42e164d0d615d0b0f6fde37d8aeaf92c63833e2d
f446df74eaa83a2c4f4c62fbd027e36c01661f96822f053f26db7beb429cd3e8
f58ace84e88735de6302205e795e8e425f9ba4ced96a12a5867148a5c964acfb
f6bc8489b1db408b87e08d302f51c012dc6dca9e28b8fc7cb3403409eb446baf
f72460c23395dda305f27ef54e3980e8bc69c000f0ff87097492aab1d26e839a
f8c91e009d219173c41b4c0b6e43ad28081f7580df6cb99a76aa0a476390ca47
f8e3f110b75b3f1951f50fb7795c6eaf5bee4f07b787a1b535b39e734c7f1723
fa4c038d956360db4c2d8d590bd504b82dedcfd48f481c484acb83b5508dca0f
fc1228b3caba9cc6d5a2169399a3d14838abc607f24b3d07f5ed080b60a62ac4
fe2187ef1cea930c08986c2ceab529b1601cd9345a2dc346c3e55cfb1b483e29
ff5f297251fd007ada40124892ba3fceb370a857e61c2a6a66f2132955ba01b3

www.gonser.ch Open in urlscan Pro 18.193.98.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

209 Requests

100 %HTTPS

34 %IPv6

51 Domains

70 Subdomains

50 IPs

8 Countries

4052 kBTransfer

6902 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

209 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gonser.ch Open in urlscan Pro
18.193.98.4 Public Scan

Screenshot
Live screenshot

Full Image

209
Requests

100 %
HTTPS

34 %
IPv6

51
Domains

70
Subdomains

50
IPs

8
Countries

4052 kB
Transfer

6902 kB
Size

1
Cookies

209 HTTP transactions
4 data transactions