Submitted URL: https://mailings.cs2.ch/
Effective URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Submission Tags: phishingrod
Submission: On October 09 via api from DE — Scanned from CH

Summary

This website contacted 13 IPs in 3 countries across 14 domains to perform 49 HTTP transactions. The main IP is 194.42.96.25, which is located in Germany and belongs to AMAZON-02, US. The main domain is mailings.cs2.ch.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 16th 2022. Valid for: a year.
This is the only time mailings.cs2.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS | Autonomous System
2 | 4 | 194.42.96.25 | 16509 | AMAZON-02
- | 4 | 52.48.200.112 | 16509 | AMAZON-02
- | 10 | 35.190.14.188 | 15169 | GOOGLE
- | 1 | 52.218.29.243 | 16509 | AMAZON-02
- | 3 | 142.250.185.168 | 15169 | GOOGLE
- | 6 | 35.241.3.184 | 15169 | GOOGLE
- | 2 | 35.201.111.240 | 396982 | GOOGLE-CL...
- | 1 | 142.250.185.162 | 15169 | GOOGLE
- | 1 | 13.107.21.200 | 8068 | MICROSOFT...
- | 4 | 151.101.193.44 | 54113 | FASTLY
- | 3 | 142.250.186.174 | 15169 | GOOGLE
- | 1 | 157.240.0.6 | - | -
Total: 49 requests, 13 IPs
Requests | Apex Domain | Subdomains | Transfer
18 | usercentrics.eu | app.usercentrics.eu (Cisco Umbrella Rank: 10497); api.usercentrics.eu (Cisco Umbrella Rank: 8526); consent-api.service.consent.usercentrics.eu (Cisco Umbrella Rank: 15478) | 146 KB
4 | taboola.com | cdn.taboola.com (Cisco Umbrella Rank: 1126); trc.taboola.com; pips.taboola.com (Failed) | 30 KB
4 | cs2.ch | mailings.cs2.ch | 10 KB
3 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 42) | 87 KB
3 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 56) | 263 KB
3 | crsend.com | fonts.crsend.com | 17 KB
1 | facebook.net | connect.facebook.net | -
1 | bing.com | bat.bing.com (Cisco Umbrella Rank: 427) | 13 KB
1 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 45); stats.g.doubleclick.net (Failed) | 2 KB
1 | cleverreach.com | login.cleverreach.com | 1 KB
1 | amazonaws.com | s3-eu-west-1.amazonaws.com | 3 KB
0 | google.ch (Failed) | www.google.ch (Failed) | -
0 | google.com (Failed) | region1.analytics.google.com (Failed); www.google.com (Failed) | -
0 | licdn.com (Failed) | snap.licdn.com (Failed) | -
Total: 49 requests, 14 domains
Requests | Domain | Requested by
10 | app.usercentrics.eu | mailings.cs2.ch; app.usercentrics.eu
6 | api.usercentrics.eu | app.usercentrics.eu
4 | mailings.cs2.ch (2 redirects) | mailings.cs2.ch
3 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
3 | cdn.taboola.com | www.googletagmanager.com; cdn.taboola.com
3 | www.googletagmanager.com | mailings.cs2.ch; www.googletagmanager.com; www.google-analytics.com
3 | fonts.crsend.com | mailings.cs2.ch; fonts.crsend.com
2 | consent-api.service.consent.usercentrics.eu | app.usercentrics.eu
1 | trc.taboola.com | cdn.taboola.com
1 | connect.facebook.net | mailings.cs2.ch
1 | bat.bing.com | www.googletagmanager.com; bat.bing.com
1 | googleads.g.doubleclick.net | www.googletagmanager.com
1 | login.cleverreach.com | mailings.cs2.ch
1 | s3-eu-west-1.amazonaws.com | mailings.cs2.ch
0 | pips.taboola.com (Failed) | cdn.taboola.com
0 | www.google.com (Failed) | -
0 | www.google.ch (Failed) | -
0 | stats.g.doubleclick.net (Failed) | www.googletagmanager.com; www.google-analytics.com
0 | region1.analytics.google.com (Failed) | www.googletagmanager.com
0 | snap.licdn.com (Failed) | www.googletagmanager.com
Total: 49 requests, 20 subdomains

This site contains links to these domains.

Domain
www.cleverreach.com
Subject | Issuer | Validity | Valid
*.cs2.ch | Sectigo RSA Domain Validation Secure Server CA | 2022-12-16 - 2024-01-16 | a year
fonts.crsend.com | R3 | 2023-10-04 - 2024-01-02 | 3 months
app.usercentrics.eu | GTS CA 1D4 | 2023-10-08 - 2024-01-06 | 3 months
*.s3-eu-west-1.amazonaws.com | Amazon RSA 2048 M01 | 2023-07-10 - 2024-05-31 | a year
login.cleverreach.com | R3 | 2023-09-23 - 2023-12-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
api.usercentrics.eu | GTS CA 1D4 | 2023-10-06 - 2024-01-04 | 3 months
consent-api.service.consent.usercentrics.eu | GTS CA 1D4 | 2023-08-18 - 2023-11-16 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-18 - 2023-12-11 | 3 months
www.bing.com | Microsoft Azure TLS Issuing CA 05 | 2023-07-26 - 2024-01-22 | 6 months
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-08 - 2023-12-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-17 - 2023-10-15 | 3 months

This page contains 2 frames:

Primary Page: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Frame ID: F1C829107AC64579A5B8202B203313C6
Requests: 44 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.28.0/cross-domain-bridge.html
Frame ID: E7EAEFFD71C7CB1B9967D0B1C8EAC80F
Requests: 1 HTTP request in this frame

Page Title

CS2

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 49
HTTPS: 78 %
IPv6: 0 %
Domains: 14
Subdomains: 20
IPs: 13
Countries: 3
Transfer: 571 kB
Size: 1899 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mailings.cs2.ch/ HTTP 302
    https://mailings.cs2.ch/admin/index.php HTTP 302
    https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login.php
mailings.cs2.ch/admin/
Redirect Chain
  • https://mailings.cs2.ch/
  • https://mailings.cs2.ch/admin/index.php
  • https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
16 KB
5 KB
Document
General
Full URL
https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.42.96.25 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ssl.cleverreach.com
Software
openresty /
Resource Hash
1b3bd207998b79e3bfe35e0af1422376bc4ad2fff4525f52d7dca832fd1ee965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
4422
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Oct 2023 08:09:18 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
openresty
Vary
Accept-Encoding
X-CR-I
www-eu-i-0d689cd7e5076919a D=252226 t=1696838958273330
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Oct 2023 08:09:18 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
openresty
X-CR-I
www-eu-i-0df795ce79514b3e6 D=20170 t=1696838958022959
location
https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
css
fonts.crsend.com/
6 KB
914 B
Stylesheet
General
Full URL
https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.48.200.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-200-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
99922c27f1ea918af92ba9fb0db18581bb4e59c77d4ddaec4c621de38d7d2730
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:09:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
x-xss-protection
0
loader.js
app.usercentrics.eu/browser-ui/latest/
59 KB
20 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/latest/loader.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9c78e8edf537b7fa554e6c2691b006264fc2533162fba95711ed95509d681bff
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:35:58 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2001
x-guploader-uploadid
ADPycduYIGe87wGDSXvB0V__GPYrkFEEAcHSHkEwkkbB2YMkdAG1B94UwTs1QZteOb93AibaFeyALlnq0Bbby0jq3am3Bg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20316
last-modified
Thu, 14 Sep 2023 12:58:26 GMT
server
UploadServer
etag
"219e037373025f83a3a36910e07ce715"
x-goog-generation
1694696306486795
x-goog-hash
crc32c=3ZO4bA==, md5=IZ4Dc3MCX4Ojo2kQ4HznFQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length, Transfer-Encoding
cache-control
public, max-age=3600, no-transform
x-goog-stored-content-length
20316
accept-ranges
bytes
content-type
text/javascript
expires
Mon, 09 Oct 2023 08:35:58 GMT
login-d863f21401.min.css
mailings.cs2.ch/assets/compiled/
24 KB
4 KB
Stylesheet
General
Full URL
https://mailings.cs2.ch/assets/compiled/login-d863f21401.min.css
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.42.96.25 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ssl.cleverreach.com
Software
openresty /
Resource Hash
1461ae6a53a55f2dac7d5a051ec752d992d721a1f3e753661616d4bb2907a8df

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 08:09:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Jun 2023 13:44:31 GMT
Server
openresty
ETag
"e5a-5fe2b44999799"
Content-Type
text/css
X-CR-I
www-eu-i-0f76dd1e9fe5f69e5 D=799 t=1696838958747953
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3674
logo_clean.png
s3-eu-west-1.amazonaws.com/files.crsend.com/8000/8579/whitelabel/
2 KB
3 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/files.crsend.com/8000/8579/whitelabel/logo_clean.png
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
52.218.29.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
3513f2ef126827b77a23a4c84fd472eac6dec92f16ae09a22e228a5376e98255

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Mon, 09 Oct 2023 08:09:21 GMT
Last-Modified
Fri, 15 Mar 2013 16:00:54 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:33/gname:www-data/uname:www-data/gid:33/mode:33279/mtime:1272881415/atime:1363342875/ctime:1338293489
x-amz-request-id
0AV0EM7NM1C02VMK
ETag
"01f85a79049674bbd8ab451ff5987861"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
2075
x-amz-id-2
v1uvFGuYcoGcKgZKyzYTWQpVzj8pFDiwyN29FVW/RcN06SopxAbovcS0MvKAOKIPlauorWPfyEU=
login.js
login.cleverreach.com/static/js/
3 KB
1 KB
Script
General
Full URL
https://login.cleverreach.com/static/js/login.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.48.200.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-200-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5786263782a5628ac8b4a143a20d2e90357dd3ba010110f3d964e49351a2d710
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:09:20 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Fri, 11 Aug 2023 17:37:00 GMT
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
content-length
963
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.crsend.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.crsend.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.crsend.com
URL: https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.48.200.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-200-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:09:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
age
447136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7884
x-xss-protection
0
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.crsend.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.crsend.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.crsend.com
URL: https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.48.200.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-200-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.crsend.com/css?family=Poppins:300,400,500,600,700,900
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:09:20 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
age
300351
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7748
x-xss-protection
0
index.module.js
app.usercentrics.eu/browser-ui/3.30.0/
355 KB
103 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
81c41f814f2cc03b2c5b247094ffd22ef741b8d9f9f12edd03e6ad961aa20a92
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://mailings.cs2.ch/
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 13:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2142314
x-guploader-uploadid
ADPycdu4YBGg6q0xKy89_Xi_ZT2IQ_oj4XKmKU3B7d8On9owpR13zIW7GeOFJYjzM-7JZa8amGJC8pv3VUGUd2BM1fIdJmY16tfe
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104736
last-modified
Thu, 14 Sep 2023 12:57:53 GMT
server
UploadServer
etag
"32d46e5d1090b1de6b34048d81bca772"
x-goog-generation
1694696273912828
x-goog-hash
crc32c=4tGdZg==, md5=MtRuXRCQsd5rNASNgbyncg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
104736
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Sep 2024 13:04:06 GMT
gtm.js
www.googletagmanager.com/
295 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQ8NNH
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b111ff4e4adc42a6cae9c485c4d9b708144c811c0cf925bf5b0f96ebce288ca3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:09:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98593
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Oct 2023 08:09:21 GMT
gtm.js
www.googletagmanager.com/
220 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bab8548880b16d48d3ef2a4a4539222328fec4e3b2aaa946331c18ee62e8843f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:09:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74166
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Oct 2023 08:09:21 GMT
languages.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/languages.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://mailings.cs2.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 08:09:22 GMT
expires
Mon, 09 Oct 2023 08:09:22 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ADPycdtUo3E1wVF1h0glAHTRC7GQNCMzf5j0Qk95QhiEzM0r_zE8ghsgkqBccGl3HwpKFWv94F8f8k4NvzLBxY-UZp0yGg
languages.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/
206 B
647 B
Fetch
General
Full URL
https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/languages.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4576de1dd5b373f578b18da3ab756a23d844e0df3e21e1fc0ac18e9eb9c5691c
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://mailings.cs2.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Mon, 09 Oct 2023 08:09:22 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ADPycduV-4xIzW6ITMPULMraz4AimDc7tYQ1Jt5nxN1q4bWu9MihPOW6Vi29ascorwmphI8sxNfEw4Cy1xIJ0SAczFPtmQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
last-modified
Thu, 28 Sep 2023 10:42:07 GMT
server
UploadServer
etag
"a2119eb98408b24be7e63930ac2273a1"
vary
Accept-Encoding
x-goog-generation
1693922140407890
x-goog-hash
crc32c=IN2ZSA==, md5=ohGeuYQIskvn5jkwrCJzoQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
111
accept-ranges
bytes
content-type
application/json
expires
Mon, 09 Oct 2023 08:10:22 GMT
de.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/
39 KB
11 KB
Fetch
General
Full URL
https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f5f40d7776a5e17a174243c4e08075832517a3dcf374e43adb46aada0ada8771
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://mailings.cs2.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Mon, 09 Oct 2023 08:09:22 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
0
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ADPycdsEEuLIdUGZVxOrLz9aGUVJ9KC8YbGcOrYjIZ9rAmDLGGusuhsiAUV2TOBCPDkD2jFBsW8nQQ70Igqnjad08W7FdkbqTlap
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11226
last-modified
Thu, 28 Sep 2023 10:42:07 GMT
server
UploadServer
etag
"abe03d3d50e03d8fcf020eea543cb6c1"
vary
Accept-Encoding
x-goog-generation
1695897727229964
x-goog-hash
crc32c=LkuNYQ==, md5=q+A9PVDgPY/PAg7qVDy2wQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=1800, s-maxage=60
x-goog-stored-content-length
11226
accept-ranges
bytes
content-type
application/json
expires
Mon, 09 Oct 2023 08:10:22 GMT
de.json
api.usercentrics.eu/settings/_Wu4KEBpy/latest/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/settings/_Wu4KEBpy/latest/de.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://mailings.cs2.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 08:09:22 GMT
expires
Mon, 09 Oct 2023 08:09:22 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ADPycdveERkqlMcPR-Kf2C41syG2RSdwbBQavF01q4DxG9UNwp-ow4pnVCnN_b77w1ftiD9cFsYR6eKgqvtH2x120ugw6Q
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.28.0/ Frame E7EA
5 KB
1 KB
Document
General
Full URL
https://app.usercentrics.eu/browser-sdk/4.28.0/cross-domain-bridge.html
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://mailings.cs2.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Type Content-Length Transfer-Encoding
age
2142488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=2592000, no-transform
content-encoding
gzip
content-length
1123
content-type
text/html
date
Thu, 14 Sep 2023 13:01:15 GMT
etag
"f38a7013943cca39fd3246cfcb7fc5d7"
expires
Sat, 14 Oct 2023 13:01:15 GMT
last-modified
Thu, 14 Sep 2023 12:57:28 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-goog-generation
1694696248384712
x-goog-hash
crc32c=00/Brg== md5=84pwE5Q8yjn9MkbPy3/F1w==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1123
x-guploader-uploadid
ADPycds2WsI3nKLBzKfmue-_wRGDs6H4LFc-okqVlq8PuMw53x0awA_QfYvDBPU-rl-Ofo7Dss-nmh2kjXHOrJedYWxptA
1px.png
app.usercentrics.eu/session/
489 B
837 B
Image
General
Full URL
https://app.usercentrics.eu/session/1px.png?settingsId=_Wu4KEBpy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 07:46:16 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
1387
x-guploader-uploadid
ADPycdslvukQG0zJF6da9hh3vdv2737tvop3XpuRCmvqF1bc4O_lfNRXbLWXLDQ2UmHch9F3EPJ04mYHAeiVF8IwSAHn1ee-zcz5
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
522
last-modified
Fri, 08 May 2020 09:06:13 GMT
server
UploadServer
etag
"3702ada73b8951017b8451cbd6a96523"
x-goog-generation
1588928773413784
x-goog-hash
crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type
image/png
cache-control
public,max-age=1800,no-transform
x-goog-stored-content-length
522
accept-ranges
bytes
expires
Mon, 09 Oct 2023 08:16:16 GMT
DefaultData-655d9254-48913d86.js
app.usercentrics.eu/browser-ui/3.30.0/
2 KB
1 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.30.0/DefaultData-655d9254-48913d86.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a88df466fee0bb0d3fa786712623c7b60c713d62457466a56c1644b36fb7f86e
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 13:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2142317
x-guploader-uploadid
ADPycds3dzuAlAX-ScsxW2EVjEHdAqdQGGXblBJfTXzrBFuQdVBfhmFc4oJW1d7SMMFcbzfQ58FQ_3Eh19YgUuAVY8iAtxK3hc9f
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
968
last-modified
Thu, 14 Sep 2023 12:57:42 GMT
server
UploadServer
etag
"fd4bb9c5ae868f2159b7afec7b709820"
x-goog-generation
1694696262906280
x-goog-hash
crc32c=FMG1oA==, md5=/Uu5xa6GjyFZt6/se3CYIA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
968
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Sep 2024 13:04:06 GMT
translations-de.json
api.usercentrics.eu/translations/
8 KB
3 KB
Fetch
General
Full URL
https://api.usercentrics.eu/translations/translations-de.json
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d4921e6caf1dfe28190143aa7cab9addbed7127f03827e73a7cdc56032c25610
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://mailings.cs2.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type
application/json

Response headers

date
Sun, 08 Oct 2023 13:30:34 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
67129
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ADPycdsIh3LmEF5X3ReSP4J5D0avoJtHQZm2tB4B-zy5PlxEurBNwFaoqlP4XlmkX3i8iIFCV9-EZUtDQEFaMFOJpPvkMKzF_HKe
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2821
last-modified
Mon, 11 Sep 2023 07:33:50 GMT
server
UploadServer
etag
"444ecfbe97bd66d8afcd89c7c6b29da5"
vary
Accept-Encoding
x-goog-generation
1694417630874466
x-goog-hash
crc32c=yy8WTw==, md5=RE7Pvpe9ZtivzYnHxrKdpQ==
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400, s-maxage=86400
x-goog-stored-content-length
2821
accept-ranges
bytes
content-type
application/json
expires
Mon, 09 Oct 2023 13:30:34 GMT
translations-de.json
api.usercentrics.eu/translations/ Frame
0
0
Preflight
General
Full URL
https://api.usercentrics.eu/translations/translations-de.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.3.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.3.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://mailings.cs2.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 08:09:23 GMT
expires
Mon, 09 Oct 2023 08:09:23 GMT
server
UploadServer
strict-transport-security
max-age=7776000
x-client-geo-location
CH,CHZH
x-guploader-uploadid
ADPycdvrxk5WEOfj99g5tYI9aj7VvXneKiiooXr9iDmRmIgFx_ZuXR8A2gIPib7ACIDOKhTmKYeIFjoo06J54m5p9E8edA
DefaultUI-26ba8847-4a5ca8dd.js
app.usercentrics.eu/browser-ui/3.30.0/
2 KB
1015 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.30.0/DefaultUI-26ba8847-4a5ca8dd.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c3d09fc75adcaac0c22577e5ab5413bd4ff59ce3efdabd907aef7349f1e94e93
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 13:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2142317
x-guploader-uploadid
ADPycds8Wt8xc6SOnLibUC6txnTCA1tNiCocIL4WUQF6MNgsv4I37n9wkwfDVLvYWs5arIhZ9OVbGczp3nzOoVhXNlxaCqKbeiRZ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
758
last-modified
Thu, 14 Sep 2023 12:57:43 GMT
server
UploadServer
etag
"f78fb5473a22a340a6c5a9d8b15dac5e"
x-goog-generation
1694696263506086
x-goog-hash
crc32c=kiRjqg==, md5=94+1Rzoio0CmxanYsV2sXg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
758
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Sep 2024 13:04:06 GMT
FirstLayerCustomization-4f604bd6-7844c3c5.js
app.usercentrics.eu/browser-ui/3.30.0/
3 KB
1 KB
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.30.0/FirstLayerCustomization-4f604bd6-7844c3c5.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fdca819eed878aa74b52c43b07ef775bde65457494c40a2228697a5fe298158d
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.30.0/DefaultUI-26ba8847-4a5ca8dd.js
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 12:59:18 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2142606
x-guploader-uploadid
ADPycdsGhHuCrNLL1GBLFtp-r4aAjvkwgItP2jjjtGr3Pv6inQ71hA4yypIjtL_kfo7fnx-E-ZgGPex0gKwSKu_jheIglw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1075
last-modified
Thu, 14 Sep 2023 12:57:43 GMT
server
UploadServer
etag
"0a66f8bb9257c6d73cd524d46a2a83b8"
x-goog-generation
1694696263819130
x-goog-hash
crc32c=SQBPAQ==, md5=Cmb4u5JXxtc81STUaiqDuA==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
1075
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Sep 2024 12:59:18 GMT
ButtonsCustomization-b2eba160-04edb142.js
app.usercentrics.eu/browser-ui/3.30.0/
473 B
476 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.30.0/ButtonsCustomization-b2eba160-04edb142.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4a0e0c5931babc166aaca2c1a7ca666d4ca07fcd2579fbdd9163ad9b9273102b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.30.0/DefaultUI-26ba8847-4a5ca8dd.js
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 13:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2142318
x-guploader-uploadid
ADPycduTz1GIZpSqMnqRy4NabjYTVlKGJ4iVqlQEqmwgfq8fVrnlM-M6ytr0DWRLlhp-r4leDPAeH2E0UB67Tt541e16bbQBG5cV
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
last-modified
Thu, 14 Sep 2023 12:57:42 GMT
server
UploadServer
etag
"08b32d03424c148e01500401c73fc3b9"
x-goog-generation
1694696261977292
x-goog-hash
crc32c=kx25cw==, md5=CLMtA0JMFI4BUAQBxz/DuQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
236
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Sep 2024 13:04:06 GMT
SecondLayerUI-78c6bc43-5e94417f.js
app.usercentrics.eu/browser-ui/3.30.0/
567 B
571 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.30.0/SecondLayerUI-78c6bc43-5e94417f.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c901db9e6f8fefdd9f9460445a4c4963bdb4dab1d5841f0827ab66da9b0c984b
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.30.0/DefaultUI-26ba8847-4a5ca8dd.js
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 13:04:06 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2142318
x-guploader-uploadid
ADPycdtB3v6W61xO0EWnYRLPCYSbZ2jUDJMpDyCRyyBsD3ODItTUjFHS5dlpfOjVtEuq2ht-u6YOq4tqxNFQihbkvVQJJA
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
317
last-modified
Thu, 14 Sep 2023 12:57:45 GMT
server
UploadServer
etag
"80c760916c01f0cbf513e7856bc3e4d7"
x-goog-generation
1694696265070903
x-goog-hash
crc32c=IT097A==, md5=gMdgkWwB8Mv1E+eFa8Pk1w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
317
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Sep 2024 13:04:06 GMT
Taglogger-51693fc2-eb327d0d.js
app.usercentrics.eu/browser-ui/3.30.0/
1 KB
880 B
Script
General
Full URL
https://app.usercentrics.eu/browser-ui/3.30.0/Taglogger-51693fc2-eb327d0d.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.14.188 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
188.14.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
02de7011c861174353741463bfa50c040236cf408e32e718f28d630d2a794dc1
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Referer
https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Origin
https://mailings.cs2.ch
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 13:04:05 GMT
content-encoding
gzip
strict-transport-security
max-age=7776000
age
2142319
x-guploader-uploadid
ADPycdtdn9vp8rxlYnY7rYvhSEm0brnBp7KMkPLw17uhnIsRHSn1QD26cxwWiyr0XW5FtcuTue2vXqFxMLANWb7vm8PO5ewcj6sS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
617
last-modified
Thu, 14 Sep 2023 12:57:45 GMT
server
UploadServer
etag
"438fae1bb0e39c8915473a38af6a9107"
x-goog-generation
1694696265702406
x-goog-hash
crc32c=LMv4gQ==, md5=Q4+uG7DjnIkVRzo4r2qRBw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
617
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 13 Sep 2024 13:04:05 GMT
2
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame
0
0
Preflight
General
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.111.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.111.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://mailings.cs2.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 08:09:25 GMT
server
Google Frontend
strict-transport-security
max-age=7776000
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-cloud-trace-context
099178d173f8350bb3f8df19c95f0672
2
consent-api.service.consent.usercentrics.eu/consent/uw/
0
87 B
Fetch
General
Full URL
https://consent-api.service.consent.usercentrics.eu/consent/uw/2
Requested by
Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.111.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
240.111.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=7776000

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://mailings.cs2.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Request-ID
8eb4af79-bb29-45c0-9f37-8ce6b1717762
content-type
application/json

Response headers

date
Mon, 09 Oct 2023 08:09:25 GMT
via
1.1 google
strict-transport-security
max-age=7776000
server
Google Frontend
vary
Origin
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
b70eb178e21e18b93b032cf183e9f7ee
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
js
www.googletagmanager.com/gtag/
287 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q09SDP4HXY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-523HT3C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0002740d5071a59713e0a50d3bcef57266c18fec3c74501375f3562d936a8887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:09:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95931
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 09 Oct 2023 08:09:24 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/956195738/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/956195738/?random=1696838964461&cv=11&fst=1696838964461&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&hn=www.googleadservices.com&frm=0&tiba=CS2&userId=8579&auid=1797142379.1696838964&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ8NNH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
ad8744e5762d7a623ed379ea73024f4549bbedfd3c25f644958602efaf672694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 08:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1321
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
44 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ8NNH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 09 Oct 2023 08:09:25 GMT
last-modified
Wed, 06 Sep 2023 22:41:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: ADEF31C3E2C349D1BE4943996B2BBAE2 Ref B: ZRHEDGE1715 Ref C: 2023-10-09T08:09:25Z
etag
"09cc4613e1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12981
tfa.js
cdn.taboola.com/libtrc/unip/1455965/
64 KB
20 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ8NNH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc8d2c4135f92fcb4d2f6e0dd6fa6469e5518bfc2d6f9740059ce6a7c0069268

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
Eltn66ZFmvnqG3Ep9yKc.LaAzq1beIh9
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 08:09:25 GMT
x-amz-request-id
7B8V5T9TBTZY1TGD
age
83
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
19975
x-amz-id-2
X58dsBCGTwdMKYwRTNuuMM6VPUI6UgE2numEvZbtVoLXX+mPMW8NpU4V2og5IgC6wJjYxFzxS48=
x-served-by
cache-fra-eddf8230036-FRA
last-modified
Sun, 08 Oct 2023 15:54:06 GMT
server
AmazonS3
x-timer
S1696838965.117943,VS0,VE1
etag
"c4d2e6b89b107dd1de071c3bc81ffa18"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
45
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
optimize.js
www.google-analytics.com/gtm/
179 KB
66 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-WML8GRC
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ8NNH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
1b735370c1eaa14b7889b63208e78dd0f239d4f18c16136e38556849b3cc464d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 08:09:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
66840
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 09 Oct 2023 08:09:25 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
0
0

fbevents.js
connect.facebook.net/en_US/
189 KB
0
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mailings.cs2.ch
URL: https://mailings.cs2.ch/admin/login.php?ref=%2Fadmin%2Findex.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Oct 2023 08:09:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53356
x-xss-protection
0
pragma
public
x-fb-debug
NZVDTystKNxT36IVyLAFo+LyzafhSDhbUiZd72Bp7yKxrTFVH4kLIbCtlNrpsDM1L41JwV31p52L5j0hxlMydg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
0

collect
stats.g.doubleclick.net/g/
0
0

ga-audiences
www.google.ch/ads/
0
0

json
trc.taboola.com/1455965/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1455965/trc/3/json?tim=1696838965256&data=%7B%22id%22%3A932%2C%22ii%22%3A%22%2Fadmin%2Flogin.php%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1696838965248%2C%22cv%22%3A%2220231008-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fref%3D%252Fadmin%252Findex.php%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-feicrashgroup%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22cbp%22%3A%22Usercentrics%22%2C%22cbpv%22%3A%221%22%2C%22cbcd%22%3A%22true%22%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1696838965255%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0de3ff07139ccbb43d13164c111ff074bd6b672a6490a1c75185460db04e1477

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms
84
date
Mon, 09 Oct 2023 08:09:25 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.8308333333333334
x-fastly-to-nlb-rtt
64027
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230036-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1696838966.690708,VS0,VE84
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ8NNH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 09 Oct 2023 07:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1183
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 09 Oct 2023 09:49:42 GMT
/
www.google.com/pagead/1p-user-list/956195738/
0
0

/
www.google.ch/pagead/1p-user-list/956195738/
0
0

cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 08:09:26 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
1259
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230036-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1696838966.046674,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
1
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
8655
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1455965/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://mailings.cs2.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Oct 2023 08:09:26 GMT
x-amz-request-id
AXB48TVMJDNAM2N4
age
24453
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
b7zQHJfK4QWAGCGQdkiPE/NYuw9ml5U806n4eSZBtDuFhIIlij+/yIbwvs8ktIfKYwcGiAYa9+0=
x-served-by
cache-fra-eddf8230036-FRA
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1696838966.046675,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
80
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
44052
collect
www.google-analytics.com/j/
15 B
193 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1373186428&t=pageview&_s=1&dl=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&ul=en-us&de=UTF-8&dt=CS2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABRAAAACAAI~&jid=1680443768&gjid=607179890&cid=1149488427.1696838965&uid=8579&tid=UA-34921493-7&_gid=366072210.1696838966&_slc=1&gtm=45He3a40n81PDQ8NNH&cd1=8579&cd2=1&z=299473259
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
142.250.186.174, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2
Resource Hash
4b48b697b749eb473fc6c1b7c9ef344db26d90333013fea22bc3afb3a76150e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mailings.cs2.ch/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 08:09:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mailings.cs2.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
0
0

26005642.js
bat.bing.com/p/action/
0
0

0
bat.bing.com/action/
0
0

js
www.googletagmanager.com/gtag/
0
0

/
pips.taboola.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
snap.licdn.com
URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-Q09SDP4HXY&gtm=45je3a40&_p=1373186428&_gaz=1&cid=1149488427.1696838965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=8579&sid=1696838964&sct=1&seg=0&dl=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&dt=CS2&en=page_view&_fv=1&_nsi=1&_ss=1
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q09SDP4HXY&cid=1149488427.1696838965&gtm=45je3a40&aip=1&uid=8579
Domain
www.google.ch
URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q09SDP4HXY&cid=1149488427.1696838965&gtm=45je3a40&aip=1&uid=8579&z=1407604877
Domain
www.google.com
URL
https://www.google.com/pagead/1p-user-list/956195738/?random=1696838964461&cv=11&fst=1696838400000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&frm=0&tiba=CS2&userId=8579&fmt=3&is_vtc=1&random=3510231325&rmt_tld=0&ipr=y
Domain
www.google.ch
URL
https://www.google.ch/pagead/1p-user-list/956195738/?random=1696838964461&cv=11&fst=1696838400000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&frm=0&tiba=CS2&userId=8579&fmt=3&is_vtc=1&random=3510231325&rmt_tld=1&ipr=y
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-34921493-7&cid=1149488427.1696838965&jid=1680443768&uid=8579&gjid=607179890&_gid=366072210.1696838966&_u=YCDAiEABRAAAAGAAI~&z=1000832247
Domain
bat.bing.com
URL
https://bat.bing.com/p/action/26005642.js
Domain
bat.bing.com
URL
https://bat.bing.com/action/0?ti=26005642&tm=gtm002&Ver=2&mid=cd0c55ea-8f86-4b7b-b4d5-1032185a6a45&sid=299dd160667b11ee9ddedbd55f05617e&vid=299e0ed0667b11ee9b1bf781029d2828&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=CS2&p=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&r=&lt=5801&evt=pageLoad&sv=1&rn=152862
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-C1Z5HRPEE1&cx=c&_slc=1
Domain
pips.taboola.com
URL
https://pips.taboola.com/

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| crCData
string| bb_data_confirm_title
string| bb_data_confirm_ok
string| bb_data_confirm_cancel
string| fvInvalidEmail
string| fvRequiredEmail
string| fvRequiredField
string| fvInvalidBIC
string| fvInvalidURL
object| fvRemoteInvalid
string| hostUrl
object| cleverlogin
object| cleverLoginCallBacks
function| cleverLoginReceiveMessage
function| encodeQueryData
function| setfocus
function| receiveCleverLogin
object| crControl
object| dataLayer
function| __import__
boolean| UC_UI_IS_RENDERED
function| dynamicImportPolyfill
object| google_tag_manager
object| google_tag_data
object| GooglebQhCsO
object| __tfa_pixel_init
object| _tfa
string| GoogleAnalyticsObject
function| ga
string| _linkedin_data_partner_id
function| fbq
function| _fbq
object| UC_UI
function| onYouTubeIframeAPIReady
object| gaGlobal
function| _typeof
object| TFASC
object| TRC
object| _taboola
number| taboola_view_id
object| TRCImpl
function| __trcError
object| google_optimize

5 Cookies

Domain/Path Name / Value
mailings.cs2.ch/ Name: PHPSESSID
Value: lZ63sKjF9OPKu0LXs-c6MR-X0ksqXHpzi9-iKjHz678j6Qpx
.cs2.ch/ Name: _gcl_au
Value: 1.1.1797142379.1696838964
.cs2.ch/ Name: _ga
Value: GA1.1.1149488427.1696838965
.cs2.ch/ Name: _ga_Q09SDP4HXY
Value: GS1.1.1696838964.1.0.1696838964.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

6 Console Messages

Source Level URL
Text
network error URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Q09SDP4HXY&gtm=45je3a40&_p=1373186428&_gaz=1&cid=1149488427.1696838965&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=8579&sid=1696838964&sct=1&seg=0&dl=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&dt=CS2&en=page_view&_fv=1&_nsi=1&_ss=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q09SDP4HXY&cid=1149488427.1696838965&gtm=45je3a40&aip=1&uid=8579&z=1407604877
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.google.ch/pagead/1p-user-list/956195738/?random=1696838964461&cv=11&fst=1696838400000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&frm=0&tiba=CS2&userId=8579&fmt=3&is_vtc=1&random=3510231325&rmt_tld=1&ipr=y
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://www.google.com/pagead/1p-user-list/956195738/?random=1696838964461&cv=11&fst=1696838400000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fmailings.cs2.ch%2Fadmin%2Flogin.php%3Fref%3D%252Fadmin%252Findex.php&frm=0&tiba=CS2&userId=8579&fmt=3&is_vtc=1&random=3510231325&rmt_tld=0&ipr=y
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-34921493-7&cid=1149488427.1696838965&jid=1680443768&uid=8579&gjid=607179890&_gid=366072210.1696838966&_u=YCDAiEABRAAAAGAAI~&z=1000832247
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
