urlscan.io logo urlscan.io
SecurityTrails logo

eticket.papiliorama.ch Open in urlscan Pro
81.62.188.77  Public Scan

Go To Rescan Add Verdict Report
URL: https://eticket.papiliorama.ch/
Submission: On July 30 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 6 countries across 13 domains to perform 40 HTTP transactions. The main IP is 81.62.188.77, located in Kaltbach, Switzerland and belongs to SWISSCOM Swisscom (Switzerland) Ltd, CH. The main domain is eticket.papiliorama.ch.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 30th 2020. Valid for: 3 months.
This is the only time eticket.papiliorama.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

5    81.62.188.77 (Kaltbach, Switzerland)

ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH)
PTR: 77.188.62.81.static.wline.lns.sme.cust.swisscom.ch
eticket.papiliorama.ch
3    104.26.3.83 (United States)

ASN13335 (CLOUDFLARENET, US)
gonnado.com
1    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
6 www.google.de
6 www.google.com 2 redirects
5 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
5 www.google-analytics.com 1 redirects eticket.papiliorama.ch
www.googletagmanager.com
5 eticket.papiliorama.ch eticket.papiliorama.ch
4 connect.facebook.net gonnado.com
connect.facebook.net
3 www.googletagmanager.com gonnado.com
www.googletagmanager.com
3 gonnado.com eticket.papiliorama.ch
gonnado.com
2 www.facebook.com
2 fonts.gstatic.com eticket.papiliorama.ch
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 code.jquery.com gonnado.com
1 fonts.googleapis.com eticket.papiliorama.ch
40 14

This site contains links to these domains. Also see Links.

Domain
papiliorama.ch
Subject Issuer Validity Valid
eticket.papiliorama.ch
Let's Encrypt Authority X3		 2020-07-30 -
2020-10-28		 3 months crt.sh
gonnado.com
Cloudflare Inc ECC CA-3		 2020-07-02 -
2021-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://eticket.papiliorama.ch/
Frame ID: 44B84FC1845BD80A7980A4BCF1863DF7
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

40
Requests

100 %
HTTPS

79 %
IPv6

13
Domains

14
Subdomains

13
IPs

6
Countries

725 kB
Transfer

2316 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=161581715&t=pageview&_s=1&dl=https%3A%2F%2Feticket.papiliorama.ch%2F&ul=en-us&de=UTF-8&dt=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=qGDAAUAB~&jid=1752742064&gjid=553425979&cid=2111791040.1596144482&uid=zy23loentpfj8lj31f1ibkhrz7z1mve9&tid=UA-124520964-1&_gid=1025111111.1596144482&_r=1&gtm=2ou7m1&z=792750909 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-124520964-1&cid=2111791040.1596144482&jid=1752742064&uid=zy23loentpfj8lj31f1ibkhrz7z1mve9&_gid=1025111111.1596144482&gjid=553425979&_v=j83&z=792750909 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-124520964-1&cid=2111791040.1596144482&jid=1752742064&_v=j83&z=792750909 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-124520964-1&cid=2111791040.1596144482&jid=1752742064&_v=j83&z=792750909&slf_rd=1&random=3277715394
Request Chain 27
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986995636/?random=1596144485428&cv=9&fst=1596144485428&num=1&fmt=3&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&ig=1&data=event%3DPageView%3Bbusiness_client_id%3D231%3Bevent_label%3Dzy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05%3Bdynx_itemid%3D3ced6fc7d028c89876941a8bb523ffc7&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/986995636/?random=1596144485428&cv=9&fst=1596142800000&num=1&fmt=3&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3DPageView%3Bbusiness_client_id%3D231%3Bevent_label%3Dzy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05%3Bdynx_itemid%3D3ced6fc7d028c89876941a8bb523ffc7&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&is_vtc=1&random=2224158313&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/986995636/?random=1596144485428&cv=9&fst=1596142800000&num=1&fmt=3&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3DPageView%3Bbusiness_client_id%3D231%3Bevent_label%3Dzy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05%3Bdynx_itemid%3D3ced6fc7d028c89876941a8bb523ffc7&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&is_vtc=1&random=2224158313&resp=GooglemKTybQhCsO&ipr=y

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
eticket.papiliorama.ch/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eticket.papiliorama.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
81.62.188.77 Kaltbach, Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
77.188.62.81.static.wline.lns.sme.cust.swisscom.ch
Software
Microsoft-IIS/8.5 /
Resource Hash
899489ab80b34ca573e6928e1a646591bd7052f5ba510d8944ed9077e526ea48

Request headers

Host
eticket.papiliorama.ch
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding,Accept-Encoding
Server
Microsoft-IIS/8.5
Set-Cookie
ASP.NET_SessionId=co0stigaj0zy03uuversvhpu; path=/; HttpOnly
X-AspNetMvc-Version
5.2
Date
Thu, 30 Jul 2020 21:27:48 GMT
Content-Length
3699
css
eticket.papiliorama.ch/Content/ 		143 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eticket.papiliorama.ch/Content/css?v=9uTzTtgmV_sIeMvLFrx93bf6qIdHqBln91lIdzDK5OY1
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
81.62.188.77 Kaltbach, Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
77.188.62.81.static.wline.lns.sme.cust.swisscom.ch
Software
Microsoft-IIS/8.5 /
Resource Hash
0327f8da19ff12d661b0000c5a90987c8b9d5d45c96ae9e4665030d0e2473fce

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:27:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 21:27:48 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent,Accept-Encoding,Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public
Content-Length
32070
Expires
Fri, 30 Jul 2021 21:27:48 GMT
js
eticket.papiliorama.ch/bundles/ 		372 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eticket.papiliorama.ch/bundles/js?v=D8RLMrPHCKN-zoy4v4WD8F2Z04YgdhhzSOCayUwAw_o1
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
81.62.188.77 Kaltbach, Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
77.188.62.81.static.wline.lns.sme.cust.swisscom.ch
Software
Microsoft-IIS/8.5 /
Resource Hash
dc4253ae12e7f5456d8e215b4e2b5a457366c05109e50692dd2a2d7e87b41765

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:27:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 21:27:48 GMT
Server
Microsoft-IIS/8.5
Vary
User-Agent,Accept-Encoding,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public
Transfer-Encoding
chunked
Expires
Fri, 30 Jul 2021 21:27:48 GMT
3x24AEGBOwK9OpzLyNka.js
gonnado.com/pixel/papiliorama/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gonnado.com/pixel/papiliorama/3x24AEGBOwK9OpzLyNka.js
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4232e0a6b86d66105d4e18d148d57615d30687048f83a3b443c9a4590dcc553

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
br
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie, Accept-Language
content-language
en
status
200
cf-ray
5bb22ad75c1f0c7d-AMS
content-type
application/x-javascript
cf-request-id
0443391a9800000c7d13a41200000001
css
fonts.googleapis.com/ 		5 KB
757 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cb91f4bd7ea91c6ef5d9f48f0bd22325a2728685571c934ad4bfa4a901852de4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Jul 2020 20:48:27 GMT
server
ESF
date
Thu, 30 Jul 2020 21:28:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Jul 2020 21:28:01 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
3261
date
Thu, 30 Jul 2020 20:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 30 Jul 2020 22:33:41 GMT
papiliorama.png
eticket.papiliorama.ch/Content/Images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eticket.papiliorama.ch/Content/Images/papiliorama.png
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
81.62.188.77 Kaltbach, Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
77.188.62.81.static.wline.lns.sme.cust.swisscom.ch
Software
Microsoft-IIS/8.5 /
Resource Hash
446edfb9354be3a895e9f40d3aba7c73f169bfe48f215e1ac4112a8af372c6c1

Request headers

Referer
https://eticket.papiliorama.ch/Content/css?v=9uTzTtgmV_sIeMvLFrx93bf6qIdHqBln91lIdzDK5OY1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 21:27:48 GMT
Last-Modified
Thu, 28 Mar 2019 17:24:35 GMT
Server
Microsoft-IIS/8.5
ETag
"62b37a1d8be5d41:0"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1911
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400
Origin
https://eticket.papiliorama.ch

Response headers

date
Thu, 16 Jul 2020 19:53:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
1215284
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Fri, 16 Jul 2021 19:53:18 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400
Origin
https://eticket.papiliorama.ch

Response headers

date
Sat, 11 Jul 2020 09:25:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
1684937
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sun, 11 Jul 2021 09:25:45 GMT
glyphicons-halflings-regular.woff
eticket.papiliorama.ch/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://eticket.papiliorama.ch/fonts/glyphicons-halflings-regular.woff
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
81.62.188.77 Kaltbach, Switzerland, ASN3303 (SWISSCOM Swisscom (Switzerland) Ltd, CH),
Reverse DNS
77.188.62.81.static.wline.lns.sme.cust.swisscom.ch
Software
Microsoft-IIS/8.5 /
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://eticket.papiliorama.ch/Content/css?v=9uTzTtgmV_sIeMvLFrx93bf6qIdHqBln91lIdzDK5OY1
Origin
https://eticket.papiliorama.ch

Response headers

Date
Thu, 30 Jul 2020 21:27:48 GMT
Last-Modified
Sun, 09 Sep 2018 15:58:21 GMT
Server
Microsoft-IIS/8.5
ETag
"d1129fee5548d41:0"
Vary
Accept-Encoding
Content-Type
font/x-woff
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
23320
collect
www.google-analytics.com/r/ 		35 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=161581715&t=pageview&_s=1&dl=https%3A%2F%2Feticket.papiliorama.ch%2F&ul=en-us&de=UTF-8&dt=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1687685308&gjid=604769426&cid=2111791040.1596144482&tid=UA-17887246-35&_gid=1025111111.1596144482&_r=1&z=1689634713
Requested by
Host: eticket.papiliorama.ch
URL: https://eticket.papiliorama.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
gonnado.com/en/pixel/widget/640db343/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gonnado.com/en/pixel/widget/640db343/?action=click&url=https%3A%2F%2Feticket.papiliorama.ch%2F&referrer=
Requested by
Host: gonnado.com
URL: https://gonnado.com/pixel/papiliorama/3x24AEGBOwK9OpzLyNka.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b0bac1e1f009a56f98293a2ccfeda71f282f5a6ee7333649b96e8c2637d9367

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
text/plain

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-headers
*
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Language, Cookie
access-control-allow-methods
GET
content-language
en
access-control-allow-origin
https://eticket.papiliorama.ch
access-control-allow-credentials
true
cf-ray
5bb22ad7ccf20c7d-AMS
content-type
application/json
cf-request-id
0443391ad800000c7d13a46200000001
pixel-min-c1fa87d867.js
gonnado.com/static/js/pixel/ 		29 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gonnado.com/static/js/pixel/pixel-min-c1fa87d867.js
Requested by
Host: gonnado.com
URL: https://gonnado.com/pixel/papiliorama/3x24AEGBOwK9OpzLyNka.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3992369ee73e49d2d590db5e7133149e27d732673c5f2deb0f6126025bb6df

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
br
cf-cache-status
HIT
age
223441
status
200
cf-request-id
0443391b5b00000c7d13a56200000001
pragma
public
last-modified
Tue, 28 Jul 2020 07:19:06 GMT
server
cloudflare
etag
W/"5f1fd16a-75cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
5bb22ad89e460c7d-AMS
expires
Thu, 27 Aug 2020 07:24:04 GMT
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: gonnado.com
URL: https://gonnado.com/static/js/pixel/pixel-min-c1fa87d867.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2015 16:20:58 GMT
server
nginx
status
200
etag
W/"553fb36a-176d5"
vary
Accept-Encoding
x-hw
1596144485.dop208.fr8.t,1596144485.cds277.fr8.hc,1596144485.cds127.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33261
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: gonnado.com
URL: https://gonnado.com/static/js/pixel/pixel-min-c1fa87d867.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34220
x-xss-protection
0
pragma
public
x-fb-debug
D8BQKM75beCQMyTwBzuvJWSnw0UAmScMjz5LKQyR3Q0arow5agrxsTuIex8Pjmxeawejh2chjUcSGBbO6xfj1g==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 30 Jul 2020 21:28:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-851617575
Requested by
Host: gonnado.com
URL: https://gonnado.com/static/js/pixel/pixel-min-c1fa87d867.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e6c72c05c8470a06b9ba9120e22a53556800b3e6b4a91b8f03b6b11abdc826e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34121
x-xss-protection
0
last-modified
Thu, 30 Jul 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Jul 2020 21:28:05 GMT
identity.js
connect.facebook.net/signals/plugins/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.22
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
10760
x-xss-protection
0
pragma
public
x-fb-debug
1rbd1mSt7eS94ANzRU3JztV3I/of1cuki02/8vYuPfs1XwRRvET8qbR3xUNyBqGjRIAfaxTjwVt/LZc042irnA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 30 Jul 2020 21:28:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
1307213492660904
connect.facebook.net/signals/config/ 		522 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1307213492660904?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e973612736213abbefbfe404461c909f4adcd488dd8ee5b5a67ac4cdd9ba18c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
JjaZKZ+qAIaYk+4gou/DTxSG8oGjBL9pXYZ/N9TMSCMcX1ME703VHiQL6Eh7LjinZhq8tSsWBirbmYuQhePWiA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 30 Jul 2020 21:28:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-851617575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s11-in-f2.1e100.net
Software
cafe /
Resource Hash
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11323
x-xss-protection
0
server
cafe
etag
17153042000983114910
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 30 Jul 2020 21:28:05 GMT
js
www.googletagmanager.com/gtag/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-986995636&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-851617575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b7c7308aa23b2c3bd16852853f4236f41c160665142499631a66d27ddb5d4ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34188
x-xss-protection
0
last-modified
Thu, 30 Jul 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Jul 2020 21:28:05 GMT
js
www.googletagmanager.com/gtag/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-124520964-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-851617575
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ea6e70882238036a3f0ee13682775095139cc4c0db1a9966f29235f54e029f3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34178
x-xss-protection
0
last-modified
Thu, 30 Jul 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 30 Jul 2020 21:28:05 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-124520964-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
3264
date
Thu, 30 Jul 2020 20:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 30 Jul 2020 22:33:41 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&aip=1&a=161581715&t=pageview&_s=1&dl=https%3A%2F%2Feticket.papiliorama.ch%2F&ul=en-us&de=UTF-8&dt=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersic...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-124520964-1&cid=2111791040.1596144482&jid=1752742064&uid=zy23loentpfj8lj31f1ibkhrz7z1mve9&_gid=1025111111.1596144482&gjid=553425...
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-124520964-1&cid=2111791040.1596144482&jid=1752742064&_v=j83&z=792750909
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-124520964-1&cid=2111791040.1596144482&jid=1752742064&_v=j83&z=792750909&slf_rd=1&random=3277715394
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-124520964-1&cid=2111791040.1596144482&jid=1752742064&_v=j83&z=792750909&slf_rd=1&random=3277715394
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-124520964-1&cid=2111791040.1596144482&jid=1752742064&_v=j83&z=792750909&slf_rd=1&random=3277715394
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j83&aip=1&a=161581715&t=event&_s=2&dl=https%3A%2F%2Feticket.papiliorama.ch%2F&ul=en-us&de=UTF-8&dt=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=PageView&el=zy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05&_u=qGDAAUAB~&jid=&gjid=&cid=2111791040.1596144482&uid=zy23loentpfj8lj31f1ibkhrz7z1mve9&tid=UA-124520964-1&_gid=1025111111.1596144482&gtm=2ou7m1&z=753572216
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jul 2020 18:30:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
183471
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/851617575/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/851617575/?random=1596144485423&cv=9&fst=1596144485423&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d66e2980d606be16d7e6317bec27359f643117ea9ca83f0e8cfbf9d85375f835
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1041
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/851617575/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/851617575/?random=1596144485426&cv=9&fst=1596144485426&num=1&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&ig=1&data=event%3DPageView%3Bbusiness_client_id%3D231%3Bevent_label%3Dzy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05%3Bdynx_itemid%3D3ced6fc7d028c89876941a8bb523ffc7&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce6f5e5992a12c672c750f03d91063262571969f5063935ffa6d0abee259f862
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1157
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/986995636/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986995636/?random=1596144485428&cv=9&fst=1596144485428&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f199687ae298b917a1cdb03a2f026fd14da3e1e9fe12ea545f3771936b6c136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/986995636/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986995636/?random=1596144485429&cv=9&fst=1596144485429&num=1&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&ig=1&data=event%3DIndustryImpression%3Btag_id%3D508%3Bcategory_id%3D86%3Bmain_category_id%3D22%3Bevent_label%3D508%20-%20640db343&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d668f56ee0cd175de370c573b7e94ed2b1b9a4fe7ec3a9fbfafaa2ff6f185e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1126
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/986995636/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986995636/?random=1596144485428&cv=9&fst=1596144485428&num=1&fmt=3&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&resp=Go...
  • https://www.google.com/pagead/1p-user-list/986995636/?random=1596144485428&cv=9&fst=1596142800000&num=1&fmt=3&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u...
  • https://www.google.de/pagead/1p-user-list/986995636/?random=1596144485428&cv=9&fst=1596142800000&num=1&fmt=3&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/986995636/?random=1596144485428&cv=9&fst=1596142800000&num=1&fmt=3&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3DPageView%3Bbusiness_client_id%3D231%3Bevent_label%3Dzy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05%3Bdynx_itemid%3D3ced6fc7d028c89876941a8bb523ffc7&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&is_vtc=1&random=2224158313&resp=GooglemKTybQhCsO&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/986995636/?random=1596144485428&cv=9&fst=1596142800000&num=1&fmt=3&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3DPageView%3Bbusiness_client_id%3D231%3Bevent_label%3Dzy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05%3Bdynx_itemid%3D3ced6fc7d028c89876941a8bb523ffc7&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&is_vtc=1&random=2224158313&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/851617575/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/851617575/?random=1596144485423&cv=9&fst=1596142800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&fmt=3&is_vtc=1&random=1770315053&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/851617575/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/851617575/?random=1596144485423&cv=9&fst=1596142800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&fmt=3&is_vtc=1&random=1770315053&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/851617575/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/851617575/?random=1596144485426&cv=9&fst=1596142800000&num=1&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3DPageView%3Bbusiness_client_id%3D231%3Bevent_label%3Dzy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05%3Bdynx_itemid%3D3ced6fc7d028c89876941a8bb523ffc7&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&fmt=3&is_vtc=1&random=1425265282&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/851617575/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/851617575/?random=1596144485426&cv=9&fst=1596142800000&num=1&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3DPageView%3Bbusiness_client_id%3D231%3Bevent_label%3Dzy23loentpfj8lj31f1ibkhrz7z1mve9%7C2020-07-30%2023%3A28%3A05%3Bdynx_itemid%3D3ced6fc7d028c89876941a8bb523ffc7&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&fmt=3&is_vtc=1&random=1425265282&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/986995636/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/986995636/?random=1596144485429&cv=9&fst=1596142800000&num=1&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3DIndustryImpression%3Btag_id%3D508%3Bcategory_id%3D86%3Bmain_category_id%3D22%3Bevent_label%3D508%20-%20640db343&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&fmt=3&is_vtc=1&random=1251690761&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/986995636/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/986995636/?random=1596144485429&cv=9&fst=1596142800000&num=1&userId=zy23loentpfj8lj31f1ibkhrz7z1mve9&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3DIndustryImpression%3Btag_id%3D508%3Bcategory_id%3D86%3Bmain_category_id%3D22%3Bevent_label%3D508%20-%20640db343&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&fmt=3&is_vtc=1&random=1251690761&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/986995636/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/986995636/?random=1596144485428&cv=9&fst=1596142800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&fmt=3&is_vtc=1&random=3257820327&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/986995636/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/986995636/?random=1596144485428&cv=9&fst=1596142800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Feticket.papiliorama.ch%2F&tiba=Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht&async=1&fmt=3&is_vtc=1&random=3257820327&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 Jul 2020 21:28:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
470804960149457
connect.facebook.net/signals/config/ 		523 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/470804960149457?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39e1eea5692e5fca43afa9a6052e7b4ee45d6abcf7c365f73ff7a18720dd025e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
135044
x-xss-protection
0
pragma
public
x-fb-debug
vWcRm74o9I95CdxiilKl0jSydg6kRI8V4TpnBL9tiXBYu4yFFxDhIpWkIMLMBeHvFnVhtjJkNdUW7v4410MdLg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 30 Jul 2020 21:28:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1307213492660904&ev=PageView&dl=https%3A%2F%2Feticket.papiliorama.ch%2F&rl=&if=false&ts=1596144485666&cd[client_id]=231&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596144485665.680209870&it=1596144485325&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 30 Jul 2020 21:28:05 GMT
/
www.facebook.com/tr/ 		44 B
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1307213492660904&ev=Microdata&dl=https%3A%2F%2Feticket.papiliorama.ch%2F&rl=&if=false&ts=1596144487169&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Besuch%20Papiliorama%20-%20Ticket%C3%BCbersicht%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&fbp=fb.1.1596144485665.680209870&it=1596144485325&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://eticket.papiliorama.ch/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 21:28:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 30 Jul 2020 21:28:07 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| TicketPrice function| PercentPromoCode function| FreeTicketPromoCode function| Ticket function| OneTimeTicketPriceCalculator function| AbonementPriceCalculator function| AbonementPrice function| VoucherPriceCalculator function| VoucherPrice function| $ function| jQuery function| Globalize object| jQuery110204755374572865825 object| respond object| html5 object| Modernizr string| GoogleAnalyticsObject function| ga undefined| didScroll number| lastScrollTop number| delta number| navbarHeight function| hasScrolled object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| deDuplicatePixel function| getScript function| fetchPixelConfig function| getAllUrlParams object| 3x24AEGBOwK9OpzLyNka object| pixelConfig object| overlayYOffset undefined| popupIFrame undefined| landingIFrame undefined| conversionData undefined| overlayData string| popupScriptUrl string| referrerCookie string| businessClientUuid object| dialogTriggers function| httpGet function| getScriptAsync function| createEmptyIFrame function| loadjQuery function| loadDialogTrigger function| gonnadoCookieParser function| getUrlParams function| getExitPopupCookie function| getOverlayStateCookie function| fetchUserIsNearStore function| setOverlayStateCookie function| setGclidCookie function| setLastClickAttributionCookie function| setExitPopupCookie function| setUpdateInvolvementCookie function| showCookieMessage function| gShowPopup function| setPopupMode function| onPopupReady function| sendImpressionEvent function| getPopup function| setupDialogTriggers function| showPopupMinimized object| gonnadoFbPixel object| gonnadoAwPixel boolean| useGoogleTracking string| PIXEL_GROUP string| fbColor string| awColor object| conversionEvents function| log_staff_only function| logAdNetworkConversion function| logFbConversion function| logGgConversion function| initializeGoogleTracking function| adjustIframeHeight function| configureLeadFormIframes function| initLeadFormIframeConfiguration function| Cookies function| md5 function| gonnadoTrackEvent function| fbq function| _fbq object| google_tag_manager object| dataLayer function| gonnadojQuery function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

4 Cookies

Domain/Path Name / Value
.papiliorama.ch/ Name: _gid
Value: GA1.2.1025111111.1596144482
.papiliorama.ch/ Name: _gat
Value: 1
.papiliorama.ch/ Name: _ga
Value: GA1.2.2111791040.1596144482
eticket.papiliorama.ch/ Name: ASP.NET_SessionId
Value: co0stigaj0zy03uuversvhpu

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
connect.facebook.net
eticket.papiliorama.ch
fonts.googleapis.com
fonts.gstatic.com
gonnado.com
googleads.g.doubleclick.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.26.3.83
172.217.16.162
2001:4de0:ac19::1:b:3a
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::200a
2a00:1450:4001:821::2003
2a00:1450:400c:c03::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
81.62.188.77
0327f8da19ff12d661b0000c5a90987c8b9d5d45c96ae9e4665030d0e2473fce
0b7c7308aa23b2c3bd16852853f4236f41c160665142499631a66d27ddb5d4ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
39e1eea5692e5fca43afa9a6052e7b4ee45d6abcf7c365f73ff7a18720dd025e
446edfb9354be3a895e9f40d3aba7c73f169bfe48f215e1ac4112a8af372c6c1
4b0bac1e1f009a56f98293a2ccfeda71f282f5a6ee7333649b96e8c2637d9367
4f199687ae298b917a1cdb03a2f026fd14da3e1e9fe12ea545f3771936b6c136
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6b3992369ee73e49d2d590db5e7133149e27d732673c5f2deb0f6126025bb6df
6e6c72c05c8470a06b9ba9120e22a53556800b3e6b4a91b8f03b6b11abdc826e
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
899489ab80b34ca573e6928e1a646591bd7052f5ba510d8944ed9077e526ea48
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
c4232e0a6b86d66105d4e18d148d57615d30687048f83a3b443c9a4590dcc553
cb91f4bd7ea91c6ef5d9f48f0bd22325a2728685571c934ad4bfa4a901852de4
ce6f5e5992a12c672c750f03d91063262571969f5063935ffa6d0abee259f862
d668f56ee0cd175de370c573b7e94ed2b1b9a4fe7ec3a9fbfafaa2ff6f185e60
d66e2980d606be16d7e6317bec27359f643117ea9ca83f0e8cfbf9d85375f835
dc4253ae12e7f5456d8e215b4e2b5a457366c05109e50692dd2a2d7e87b41765
e973612736213abbefbfe404461c909f4adcd488dd8ee5b5a67ac4cdd9ba18c8
ea6e70882238036a3f0ee13682775095139cc4c0db1a9966f29235f54e029f3c
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955