shf.ch Open in urlscan Pro
87.245.122.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shf.ch/
Effective URL:
https://shf.ch/
Submission: On April 23 via api (April 23rd 2024, 7:25:17 am UTC) from NL — Scanned from CH

Summary HTTP 65 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 16 domains to perform 65 HTTP transactions. The main IP is 87.245.122.111, located in Schaffhausen, Switzerland and belongs to SASAG, CH. The main domain is shf.ch.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.

This is the only time shf.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	87.245.122.111 87.245.122.111	35518 (SASAG) (SASAG)
8	172.67.68.225 172.67.68.225	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	217.26.52.21 217.26.52.21	29097 (HOSTPOINT-AS) (HOSTPOINT-AS)
3	185.125.25.29 185.125.25.29	29222 (INFOMANIA...) (INFOMANIAK-AS)
4	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
4	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1	104.16.87.20 104.16.87.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225b:3c00:a:e047:754:3401	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.211.13.38 52.211.13.38	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	96.16.108.246 96.16.108.246	() ()
65	26

13 87.245.122.111 (Schaffhausen, Switzerland)

ASN35518 (SASAG, CH)
PTR: static-87-245-122-111.ptr.as35518.net

shf.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.68.225 (United States)

ASN13335 (CLOUDFLARENET, US)

adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.adnz.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.26.52.21 (Switzerland)

ASN29097 (HOSTPOINT-AS, CH)
PTR: sl42.web.hostpoint.ch

epg.shf.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.125.25.29 (Switzerland)

ASN29222 (INFOMANIAK-AS, CH)
PTR: reverse-proxy-ip-9.infomaniak.ch

player.vod2.infomaniak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.87.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:3c00:a:e047:754:3401 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a83c80b51ce4b6fa0ed3b2fd970db3a2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
63c19cf8a8009731ceaa7e1a4a870d46.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.13.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-13-38.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.108.246 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	shf.ch shf.ch epg.shf.ch	168 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 207	171 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 a83c80b51ce4b6fa0ed3b2fd970db3a2.safeframe.googlesyndication.com 63c19cf8a8009731ceaa7e1a4a870d46.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	31 KB
8	adnz.co adnz.co — Cisco Umbrella Rank: 78119 api.adnz.co — Cisco Umbrella Rank: 86823	77 KB
6	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 252 acdn.adnxs.com — Cisco Umbrella Rank: 620	45 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2676 google-bidout-d.openx.net — Cisco Umbrella Rank: 2648	478 B
3	infomaniak.com player.vod2.infomaniak.com
2	google.com www.google.com — Cisco Umbrella Rank: 2
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1152 bcp.crwdcntrl.net — Cisco Umbrella Rank: 974	13 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 977 id5-sync.com — Cisco Umbrella Rank: 507	27 KB
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 453
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 661	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2061	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3173	3 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2641	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	1 KB
65	16

	Domain	Requested by
13	shf.ch	shf.ch
10	securepubads.g.doubleclick.net	adnz.co securepubads.g.doubleclick.net
6	api.adnz.co	adnz.co
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ib.adnxs.com	adnz.co acdn.adnxs.com
3	player.vod2.infomaniak.com	shf.ch
2	www.google.com	tpc.googlesyndication.com
2	oajs.openx.net	1 redirects
2	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
2	acdn.adnxs.com	adnz.co acdn.adnxs.com
2	adnz.co	shf.ch adnz.co
1	google-bidout-d.openx.net	oa.openxcdn.net
1	gum.criteo.com	static.criteo.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	63c19cf8a8009731ceaa7e1a4a870d46.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a83c80b51ce4b6fa0ed3b2fd970db3a2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	epg.shf.ch	shf.ch
65	25

This site contains links to these domains. Also see Links.

Domain
www.shf.ch
www.facebook.com
twitter.com
www.youtube.com
tvepg.eu
tv.teleboy.ch

Subject Issuer	Validity	Valid
shf.ch R3	`2024-04-23` - `2024-07-22`	3 months	crt.sh
adnz.co E1	`2024-04-03` - `2024-07-02`	3 months	crt.sh
epg.shf.ch R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
vod2.infomaniak.com R3	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2024-04-08` - `2025-05-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
id5-sync.com E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-03-20` - `2024-06-18`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.id5-sync.com R3	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://shf.ch/
Frame ID: 2F2F34E60F078B7A7C95B8C7E6944CEC
Requests: 25 HTTP requests in this frame

Frame: https://epg.shf.ch/embed/?spalten=4&start=0&range=6
Frame ID: 4A31ABD093272B372024673A9ED75FC6
Requests: 1 HTTP requests in this frame

Frame: https://player.vod2.infomaniak.com/embed/1jhvl2uqodz6o
Frame ID: B0F84181292EEC3A520B6971726375B3
Requests: 1 HTTP requests in this frame

Frame: https://player.vod2.infomaniak.com/embed/1jhvl2uqodwvl
Frame ID: 87C63B9F17FA308CF726E25FDF76829C
Requests: 1 HTTP requests in this frame

Frame: https://player.vod2.infomaniak.com/embed/1jhvl2uqnmvmi
Frame ID: F02F56359B4C1F58C69999EA884CA18D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: EDE806BE5E22619A6DE91DB1749FE5E1
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 2D9B79DA0530109118CDDE3E5CF020A2
Requests: 8 HTTP requests in this frame

Frame: https://a83c80b51ce4b6fa0ed3b2fd970db3a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B516151E2B15401B77FA0625C78D3C82
Requests: 1 HTTP requests in this frame

Frame: https://63c19cf8a8009731ceaa7e1a4a870d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E6C825BDA995108D5210B04D94B6E80E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=shf.ch
Frame ID: 52C3AE768908ABB58E4BB8BCA6EA2960
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5AF87C2907FE61FF2AE3EB5C08D47CB1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AA292691547CF91FEB3932DCED86E7EB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30B9C20180D667F7BDF7BC57328A5CBA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89FA6B2CD684C481E4F7275E5A242AED
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: A06FDAD44A6AA97A6F800ECF43F1340B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 04D8275AC483A94498A0534692EE2EA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Schaffhauser Fernsehen | Heute im Schaffhauser Fernsehen

Page URL History Show full URLs

http://shf.ch/ HTTP 307
https://shf.ch/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

65
Requests

95 %
HTTPS

28 %
IPv6

16
Domains

25
Subdomains

26
IPs

6
Countries

559 kB
Transfer

2143 kB
Size

24
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.shf.ch/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Schaffhauser-Fernsehen/116066151787218

Search URL Search Domain Scan URL

URL: https://twitter.com/shfernsehen

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/SHFonline

Search URL Search Domain Scan URL

URL: https://tvepg.eu/de/switzerland/channel/shf_schaffhauser_fernsehen#now
Title: SHf Programmguide

Search URL Search Domain Scan URL

URL: https://tv.teleboy.ch/live(player:live/559)
Title: Teleboy Livestream

Search URL Search Domain Scan URL

URL: https://www.shf.ch/index.php?Shop
Title: Zum Shop

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shf.ch/ HTTP 307
https://shf.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://oajs.openx.net/esp?url=https%3A%2F%2Fshf.ch%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fshf.ch%2F&rid=esp&cc=1

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
shf.ch/
Redirect Chain

http://shf.ch/
https://shf.ch/

10 KB
10 KB

222ms
106ms

Document
text/html

87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to

Full URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / PHP/5.3.28 ASP.NET
Resource Hash: b440ec3021445265f4c70c7ecf8524f03cd7a5d6cbb048bd0b6675a2fd85ed6b

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 9890
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Apr 2024 07:30:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/5.3.28 ASP.NET
X-phpwcms-Page-Processed-In: 72.700 ms
X-phpwcms-Release: 1.4.1 (2009/01/30)

Redirect headers

Location: https://shf.ch/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK frontend.js Show response
shf.ch/template/inc_js/ 4 KB
4 KB 16ms
15ms Script
application/javascript 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to

Full URL: https://shf.ch/template/inc_js/frontend.js
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 403bd2deef61e1f6610359aeaeff88267a3c3f9b2c58c121042449be9836fe06

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Sat, 29 Dec 2007 14:13:04 GMT
Server: Microsoft-IIS/8.5
ETag: "01844ed244ac81:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 4280

GET
H/1.1 200
OK style_2011.css
shf.ch/template/inc_css/ 6 KB
7 KB 56ms
39ms Stylesheet
text/css 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to

Full URL: https://shf.ch/template/inc_css/style_2011.css
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9543cc9aba48e0e0dcd5be94ec0b89fa1b46344a2e5df4c1c1a49eff62a6a745

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Tue, 19 Sep 2023 07:21:34 GMT
Server: Microsoft-IIS/8.5
ETag: "f7c147ebc9ead91:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6502

GET
H3 200 header.js Show response
adnz.co/ 281 KB
62 KB 74ms
40ms Script
application/javascript 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adnz.co/header.js?adTagId=156

Requested by

Host: shf.ch
URL: https://shf.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c1f3cd57b8712957e943a32cc034e9bd9020ca34461beccd1b54f6cd2bb7de92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1566
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 23 Apr 2024 06:59:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnIde%2BM%2BVEyJTrgaNWlluzud8UGWQp0JKs1iGcfD9eYXPnaHBajUJ%2F%2Fo7GM%2Fxvd69n1TqVU6pAilprOH72b3rnxwvtqkFmFYRYB1gQJ79AKygfTpMeWYAY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 878c1e4a19171ad7-FRA
access-control-allow-headers: origin, content-type, accept
expires: Tue, 23 Apr 2024 07:45:12 GMT

GET
H/1.1 200
OK shf_facebook.png
shf.ch/images/ 8 KB
8 KB 71ms
39ms Image
image/png 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/images/shf_facebook.png
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 235f31f0e88abdc27b4a2810234948a839b239d4cb22321fac3bc1cf0ab7342a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Tue, 25 Sep 2012 07:15:51 GMT
Server: Microsoft-IIS/8.5
ETag: "f413f097ed9acd1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 7948

GET
H/1.1 200
OK shf_twitter.png
shf.ch/images/ 7 KB
7 KB 325ms
270ms Image
image/png 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/images/shf_twitter.png
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e2cd908b3f7445c3564fe1fdfe5fb11ca4af9ffe495bc42b8c0d83fcfe091dc6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Tue, 25 Sep 2012 07:15:51 GMT
Server: Microsoft-IIS/8.5
ETag: "4e76f297ed9acd1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6770

GET
H/1.1 200
OK shf_youtube.png
shf.ch/images/ 4 KB
5 KB 283ms
283ms Image
image/png 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/images/shf_youtube.png
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6c261af82512bec39a14b2be72ce31572ef11866369311fb107840276bd33e0e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Tue, 25 Sep 2012 07:15:51 GMT
Server: Microsoft-IIS/8.5
ETag: "3ad71398ed9acd1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4602

GET
H/1.1 200
OK bace01872928d92d2b1b7c84e0223e07.jpg
shf.ch/content/images/ 5 KB
5 KB 19ms
18ms Image
image/jpeg 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/content/images/bace01872928d92d2b1b7c84e0223e07.jpg
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 334f5dc1ad92103b23a13cdc1f75cf3bf3dae3c6823dad42b41535d848818658

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Thu, 22 Dec 2022 15:44:14 GMT
Server: Microsoft-IIS/8.5
ETag: "562c293e1c16d91:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4917

GET
H/1.1 200
OK 1e772417ecdfa9fb75d3fa5d8e7b4307.jpg
shf.ch/content/images/ 7 KB
7 KB 34ms
34ms Image
image/jpeg 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/content/images/1e772417ecdfa9fb75d3fa5d8e7b4307.jpg
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3afdfd6a32e0fedc354f116c92727eff325da0096683bdd9aa640bb7281a0fa2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Mon, 22 Apr 2024 07:22:43 GMT
Server: Microsoft-IIS/8.5
ETag: "4129a5dd8594da1:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 7146

GET
H/1.1 200
OK 421f019a86cf76f475a4b2152b8a66f7.jpg
shf.ch/content/images/ 2 KB
2 KB 289ms
257ms Image
image/jpeg 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/content/images/421f019a86cf76f475a4b2152b8a66f7.jpg
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4f85910870520c8a3f738cb9dd5bd843d7f9e8913f8396b1b4e34bf07293ff82

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Mon, 30 Mar 2020 07:10:21 GMT
Server: Microsoft-IIS/8.5
ETag: "f4b17946626d61:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 2268

GET
H/1.1 200
OK 818080069fd8e3201143d845f4ce7c6f.jpg
shf.ch/content/images/ 7 KB
7 KB 265ms
230ms Image
image/jpeg 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/content/images/818080069fd8e3201143d845f4ce7c6f.jpg
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0070c4287f1b8118d09f0c7c66b762f2fd3be90023f5833d64d89a197ef0f31c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Fri, 19 Jun 2020 07:52:00 GMT
Server: Microsoft-IIS/8.5
ETag: "f11ab483e46d61:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 6912

GET
H3 200 publisher.js Show response
adnz.co/dmp/ 33 KB
13 KB 30ms
29ms Script
application/javascript 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adnz.co/dmp/publisher.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ae4ddd3577189a8eb7596b8701b46109c32a47e74ef772fce315f53ddaa372f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000d20d814d21152f34-006626a750-133281d-default
age: 1061
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Apr 2024 14:02:40 GMT
server: cloudflare
etag: W/"89ef0ec50c2c23bfc2c0c00eb5ab0004"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymgZr2WToP4rZ8w28h6JJW8egdTUvOkuAfzeMvuDLo1dnwCkRG7FRxDI0O7%2FPgaRh2OfY5KvUDfXwpdV8aUm6ibkZrn4vUNZMNNlfEClDIHbaHB91rQbEiM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
x-rgw-object-type: Normal
cache-control: public, max-age=1800
access-control-allow-credentials: true
cf-ray: 878c1e4ab9bc1ad7-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With

GET
H3 200 country Show response
api.adnz.co/api/ws-geodata/ 2 B
675 B 76ms
39ms Fetch
application/text 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.adnz.co/api/ws-geodata/country

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab861dc170dc2e43224e45278d3d31a675b9ebc34c9b0f48c066ca1eeaed8ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/text
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
ratelimit-reset: 1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 0
ratelimit-limit: 100
alt-svc: h3=":443"; ma=86400
content-length: 2
x-xss-protection: 0
pragma: no-cache
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/text;charset=UTF-8
access-control-allow-origin: https://shf.ch
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LEsexNB7Wp8rDTOpSi6NsqtFENFSv581i1zdbqJ1YfvBJjCjDXV5DLHNQNAKkPf3Q9wKTp7LdR%2BmtLD04RtYXHilIsY%2FItK%2FoPABRqO0P7k93pSqCcaoDtjalti8"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 878c1e4aeb6e9b9e-FRA
ratelimit-remaining: 99
expires: 0

GET
H2 200 / Show response
epg.shf.ch/embed/ Frame 4A31 2 KB
855 B 304ms
238ms Document
text/html 217.26.52.21
HOSTPOINT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://epg.shf.ch/embed/?spalten=4&start=0&range=6
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.26.52.21 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS: sl42.web.hostpoint.ch
Software: Apache /
Resource Hash: 269584a5b367978c0a7e3dcaf6b2d18ce2d2adce172fdc63f1f8ef9bed5d8324

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 Apr 2024 07:25:12 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 1jhvl2uqodz6o
player.vod2.infomaniak.com/embed/ Frame B0F8 0
0 206ms
24ms Document
text/html 185.125.25.29
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vod2.infomaniak.com/embed/1jhvl2uqodz6o
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.125.25.29 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS: reverse-proxy-ip-9.infomaniak.ch
Software: /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 Apr 2024 07:25:12 GMT
etag: W/"661f559d-c16"
last-modified: Wed, 17 Apr 2024 04:52:45 GMT
vary: Accept-Encoding

GET
H2 200 1jhvl2uqodwvl
player.vod2.infomaniak.com/embed/ Frame 87C6 0
0 207ms
26ms Document
text/html 185.125.25.29
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vod2.infomaniak.com/embed/1jhvl2uqodwvl
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.125.25.29 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS: reverse-proxy-ip-9.infomaniak.ch
Software: /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 Apr 2024 07:25:12 GMT
etag: W/"661f559d-c16"
last-modified: Wed, 17 Apr 2024 04:52:45 GMT
vary: Accept-Encoding

GET
H2 200 1jhvl2uqnmvmi
player.vod2.infomaniak.com/embed/ Frame F02F 0
0 204ms
24ms Document
text/html 185.125.25.29
INFOMANIAK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.vod2.infomaniak.com/embed/1jhvl2uqnmvmi
Requested by: Host: shf.ch
URL: https://shf.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.125.25.29 , Switzerland, ASN29222 (INFOMANIAK-AS, CH),
Reverse DNS: reverse-proxy-ip-9.infomaniak.ch
Software: /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 23 Apr 2024 07:25:12 GMT
etag: W/"661f559d-c16"
last-modified: Wed, 17 Apr 2024 04:52:45 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK shfbg2013.png
shf.ch/images/ 5 KB
5 KB 284ms
259ms Image
image/png 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/images/shfbg2013.png
Requested by: Host: shf.ch
URL: https://shf.ch/template/inc_css/style_2011.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dba577576f956494221d37cb3105c0e406f79c8670c328043e85c033c71f7a0f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/template/inc_css/style_2011.css
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Tue, 09 Apr 2013 09:18:08 GMT
Server: Microsoft-IIS/8.5
ETag: "dbf98726335ce1:0"
X-Powered-By: ASP.NET
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4673

GET
H/1.1 200
OK header_new.gif
shf.ch/images/ 6 KB
6 KB 282ms
267ms Image
image/gif 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shf.ch/images/header_new.gif
Requested by: Host: shf.ch
URL: https://shf.ch/template/inc_css/style_2011.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b202f101244a6a1edfe1dd9a2cba321fda4369f3a59af335fed01f1db27d5bd9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/template/inc_css/style_2011.css
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:51 GMT
Last-Modified: Mon, 15 Mar 2010 17:00:43 GMT
Server: Microsoft-IIS/8.5
ETag: "80ef41c61c4ca1:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 5839

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
692 B 127ms
75ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 23 Apr 2024 07:25:12 GMT
an-x-request-uuid: 32a5b162-c76b-4160-878b-8b66b5cb3d8f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shf.ch
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.106.6; 176.10.106.6; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 visitor-id Show response
api.adnz.co/api/ws-convey/ 19 B
756 B 41ms
40ms Fetch
text/plain 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-convey/visitor-id?url=https%3A%2F%2Fshf.ch%2F
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71f1aeee4189f436d219b57072e3a60878b36d2bceac8b35cc79f4b745003b6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
ratelimit-reset: 1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="Not used"
x-envoy-upstream-service-time: 5
ratelimit-limit: 100
alt-svc: h3=":443"; ma=86400
content-length: 19
pragma: no-cache
server: cloudflare
etag: 2621963797953161830
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pb7hMSOT%2BVI4WDEV1lW8ahHJLswcXy8ls59tIcje5o3OcK6aTVeDLuYh064kd3MtEhz9IaBHd%2BcYujfa4OJIjRb1xVSJYj1ECQ%2BREFWEE42gvcxnoardNJtExqq3"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://shf.ch
access-control-expose-headers: ETag, Authorization
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 878c1e4aea121ad7-FRA
ratelimit-remaining: 99
expires: -1

GET
H3 200 page-keywords Show response
api.adnz.co/api/ws-semantiq/ 38 B
659 B 48ms
48ms Fetch
application/json 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.adnz.co/api/ws-semantiq/page-keywords?url=https%3A%2F%2Fshf.ch%2F&tenantIds=1,43

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cabf5609dd3ca129d4a52f774801221dd9715298f4d99d36959ce24dc3c716ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
ratelimit-reset: 1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-envoy-upstream-service-time: 2
ratelimit-limit: 100
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://shf.ch
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQm5P5218UrzDASz3PBxIc2ZrJ3VT2%2FRokRDAd%2FLjPZ%2FIaOat14MejET%2BEK7IM0zC%2Fp1abupU69l3voPhUs2izX67EyKK2CR2GXGI86%2BmrV5cWOiUbNSqTxAQiC0"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 878c1e4b2bb39b9e-FRA
ratelimit-remaining: 99
expires: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EDE8 92 KB
29 KB 118ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78423b821d1beb88f516d803163c822f488c90ea8d16e1af222fa68d1219df77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29517
x-xss-protection: 0
server: cafe
etag: 216 / 19836 / m202404170101 / config-hash: 10380679877830304120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 07:25:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2D9B 92 KB
0 116ms
116ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78423b821d1beb88f516d803163c822f488c90ea8d16e1af222fa68d1219df77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29517
x-xss-protection: 0
server: cafe
etag: 216 / 19836 / m202404170101 / config-hash: 10380679877830304120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 07:25:12 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 122 KB
42 KB 80ms
20ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 97711cf6d03d55d6dfa7ba68473b2d0d3c64c963463100f87f6792a4d0d080c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Expires: Wed, 14 Feb 2024 18:28:30 GMT
Date: Tue, 23 Apr 2024 07:25:13 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 46466
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 41982
X-Served-By: cache-lga21942-LGA, cache-fra-eddf8230073-FRA
Last-Modified: Tue, 13 Feb 2024 18:28:18 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1713857113.088501,VS0,VE0
ETag: W/"65cbb4c2-1e942"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 84016, 12757

POST
H2 200 v3 Show response
ib.adnxs.com/ut/ 292 B
974 B 24ms
23ms Fetch
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

49a70b5e3d49235c659640cf6de1414f1fe0ea5e044e2179616477b08aae04e1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
pragma: no-cache
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
cache-control: no-cache
Referer: https://shf.ch/
X-Is-Test: 0
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 23 Apr 2024 07:25:13 GMT
an-x-request-uuid: ff784577-4c50-4687-9043-9e66a38a3573
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shf.ch
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.106.6; 176.10.106.6; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 292
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 v3
ib.adnxs.com/ut/ Frame 0
0 78ms
28ms Preflight
text/plain 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,pragma,x-is-test
Access-Control-Request-Method: POST
Origin: https://shf.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control,pragma,x-is-test
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://shf.ch
access-control-max-age: 86400
an-x-request-uuid: 463c6225-cfa2-4550-b02c-93bb9c66f1ec
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 23 Apr 2024 07:25:13 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 176.10.106.6; 176.10.106.6; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0

POST
H2 200 v3 Show response
ib.adnxs.com/ut/ 302 B
1 KB 759ms
758ms XHR
application/json 37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

6ff3bf3a24748720f14368b9aeeb4041aa95e4f7696c182375a0bac7d0e605be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Apr 2024 07:25:13 GMT
an-x-request-uuid: 2d9482b7-12db-4a6d-8b70-9debb1b271a7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shf.ch
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 176.10.106.6; 176.10.106.6; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 302
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK favicon.ico
shf.ch/ 94 KB
94 KB 31ms
31ms Other
image/x-icon 87.245.122.111
SASAG

General

Check archive.org

Show headers Download Go to

Full URL: https://shf.ch/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 87.245.122.111 Schaffhausen, Switzerland, ASN35518 (SASAG, CH),
Reverse DNS: static-87-245-122-111.ptr.as35518.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8d4f97847b7c1455ae0ebbac89eec6d264cd8fc680302531835fee587d0de981

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 07:30:52 GMT
Last-Modified: Wed, 11 May 2022 09:12:09 GMT
Server: Microsoft-IIS/8.5
ETag: "80fa1b311765d81:0"
X-Powered-By: ASP.NET
Content-Type: image/x-icon
Accept-Ranges: bytes
Content-Length: 96066

GET
H3 204 batch
api.adnz.co/api/ws-events-sink/ 0
0 36ms
36ms Fetch 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-events-sink/batch?visitorId=2621963797953161830&hash=&uid=&events=W3sidHlwZSI6IlBBR0VfSU1QUkVTU0lPTiIsImV2ZW50SWQiOjcxOTgzMzI1NTM3MDg0MjcsInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7fX0seyJ0eXBlIjoiSEVBREVSX0RPTV9GT1VORCIsImV2ZW50SWQiOjY1ODUwMTM4MDcyNDc1MjEsInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjE1NiwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoiMjg0NyJ9fSx7InR5cGUiOiJIRUFERVJfRE9NX0ZPVU5EIiwiZXZlbnRJZCI6NzIzNDMzMTg0MjQwMzc2NSwicGFnZUltcHJlc3Npb25JZCI6MTg0NzQzMTMzODg4MjksInVybCI6Imh0dHBzOi8vc2hmLmNoLyIsImJvZHkiOnsiYWRUYWdJZCI6MTU2LCJkaXZJZCI6ImFkbnpfaGFsZnBhZ2VfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjI4NDgifX0seyJ0eXBlIjoiSEVBREVSX0NBTl9CRV9QUkVMT0FERUQiLCJldmVudElkIjo5MDIzNjIxODI3MTc0NTksInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjE1NiwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJzaXplTWFwcGluZ0lkIjoiMjg0NyJ9fSx7InR5cGUiOiJIRUFERVJfQ0FOX0JFX1BSRUxPQURFRCIsImV2ZW50SWQiOjU1NjgyNTA5NDk5MzE0MzcsInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjE1NiwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIyODQ4In19LHsidHlwZSI6IkhFQURFUl9DQU5fQkVfU0hPV04iLCJldmVudElkIjozNTM5MzgwODY5MTc4NTQzLCJwYWdlSW1wcmVzc2lvbklkIjoxODQ3NDMxMzM4ODgyOSwidXJsIjoiaHR0cHM6Ly9zaGYuY2gvIiwiYm9keSI6eyJhZFRhZ0lkIjoxNTYsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjI4NDcifX0seyJ0eXBlIjoiSEVBREVSX0NBTl9CRV9TSE9XTiIsImV2ZW50SWQiOjU3OTk1ODU4MDcyMjcyNDUsInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjE1NiwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIyODQ4In19XQ%3D%3D
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:13 GMT
ratelimit-reset: 1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nERQcYB7pM75dbRNIrFz0aM6OTpGL9LQ7LJ6pLc9ZqEgp5o4bXsTwvIxHP%2FBOXBzEWagShWJnt1xpjmYrlU%2FoVqOvnsS2ZwaAh5atmESgvxAh3y6DKClzwbze1jj"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shf.ch
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
ratelimit-limit: 100
cf-ray: 878c1e4e0d071ad7-FRA
ratelimit-remaining: 99
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/ Frame EDE8 451 KB
141 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71eb11ec6af6382b7d873d1900a972390f18a8897964f41e8acd9f3a1b8fa14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 10:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74851
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143856
x-xss-protection: 0
server: cafe
etag: 5552259019330558669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 22 Apr 2025 10:37:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame EDE8 675 B
342 B 96ms
54ms XHR
application/json 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shf.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

230aa1090b476e3a460ae9e79985d036125e35c824104e3d837a50b8099d10f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Tue, 23 Apr 2024 07:25:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame EDE8 92 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78423b821d1beb88f516d803163c822f488c90ea8d16e1af222fa68d1219df77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29517
x-xss-protection: 0
server: cafe
etag: 216 / 19836 / m202404170101 / config-hash: 10380679877830304120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 07:25:12 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/ Frame 2D9B 451 KB
0 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71eb11ec6af6382b7d873d1900a972390f18a8897964f41e8acd9f3a1b8fa14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 10:37:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74851
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143856
x-xss-protection: 0
server: cafe
etag: 5552259019330558669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 22 Apr 2025 10:37:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 2D9B 675 B
0 94ms
94ms XHR
application/json 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shf.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

230aa1090b476e3a460ae9e79985d036125e35c824104e3d837a50b8099d10f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Tue, 23 Apr 2024 07:25:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2D9B 92 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: adnz.co
URL: https://adnz.co/header.js?adTagId=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78423b821d1beb88f516d803163c822f488c90ea8d16e1af222fa68d1219df77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29517
x-xss-protection: 0
server: cafe
etag: 216 / 19836 / m202404170101 / config-hash: 10380679877830304120
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Apr 2024 07:25:12 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EDE8 828 B
427 B 582ms
581ms Fetch
text/plain 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1131168402656695&correlator=1160954277719467&eid=31079957&output=ldjh&gdfp_req=1&vrg=202404170101&ptt=17&impl=fif&iu_parts=96628199%3A22843942346%2Cde_shf.ch_v2%2Cde_shf.ch_v2_2847&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=994x118%7C728x90%7C800x250%7C970x250%7C994x250%7C1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1713857114000&lmt=1713857114&adxs=800&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=bd506d0zm3d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&nhd=1&url=https%3A%2F%2Fshf.ch%2F&ref=https%3A%2F%2Fshf.ch%2F&top=https%3A%2F%2Fshf.ch%2F&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ga_vid=1764927260.1713857114&ga_sid=1713857114&ga_hid=1045420002&ga_fc=false&dlt=1713857112867&idt=1100&ppid=00000002621963797953161830tgbuzi&prev_scp=hb_pb%3D0.30&adks=3544497445&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

97accede2f2e075ed8efcab14acd0e54c9bd1eb5a68991a22f65965b19a65e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 396
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shf.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ Frame EDE8 732 B
1 KB 53ms
30ms Script
application/javascript 104.16.87.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40190
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-lga21971-LGA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVAqldCplUgggwiKrib35up78%2FYiiHvZ6q4DjE6d%2B2Ct5PbZ6il2oQFn%2FSo28G8U0frR0klPpUdbuDkBcaRB2mjMVterlJC3akJh5Nh0ogsNYqW6Fm5KeWGeaTKMUieAQOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 878c1e52bab55262-MXP

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ Frame EDE8 93 KB
27 KB 90ms
32ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b8e2bfff3dd904d036afafe2e6dfd7f6b94a58213ab96b2808f40cccc064a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 12:18:50 GMT
server: cloudflare
x-amz-request-id: 9NFZP4WB5BFJ455T
age: 2073
etag: W/"0433e7dd1d8537de06e7ada0d7d3d9cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 878c1e52fa8fa064-FRA
x-amz-id-2: i1YUF4NPNqCzU9gxtG3Sz5XLLgztpxh3pfoF55brl0AgIIqvrDbsdQ6DXPuj5zOSBVyHNCD3BS4=

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ Frame EDE8 1 KB
1 KB 88ms
38ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
via: 1.1 google, 1.1 google
last-modified: Mon, 05 Feb 2024 22:07:56 GMT
server: Google Frontend
etag: cd19e0900da0cdbc6697310fd9330fb6
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 74d417b8b900ac8aa0278fab5ac358e4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1195

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ Frame EDE8 39 KB
12 KB 73ms
23ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 02:33:56 GMT
content-encoding: gzip
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Wed, 14 Feb 2024 17:39:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 17479
x-amz-server-side-encryption: AES256
etag: W/"21f8671135afbd2e874c42d3dc478afa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: f0YWOD04-E-qQ8k-E_O-ci8jxQg-Q74uGad--Upwyavv6_uhBScA9g==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ Frame EDE8 3 KB
3 KB 91ms
27ms Script
text/javascript 2600:9000:225b:3c00:a:e047:754:3401
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:3c00:a:e047:754:3401 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Tue, 23 Apr 2024 04:36:08 GMT
Via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
Age: 10147
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: bjlXPTB2dZ5Wxpr8gjYacprY5cGbcV_z3EP6APPNrRIt3j8QccFqjw==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ Frame EDE8 24 KB
8 KB 55ms
16ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Apr 2024 05:00:42 GMT
content-encoding: gzip
age: 1736672
x-guploader-uploadid: ABPtcPqiDS5tBwV0QLZmyML_yzcPEQr3nc6FLNBQrfNVEH6ZBn0MtJkPczDlDTsLPVZ_9cVT-HNMmDk9RmaQll4t4L8-LQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 03 Apr 2025 05:00:42 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ Frame EDE8 41 KB
13 KB 128ms
57ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Apr 2024 12:20:57 GMT
server: nginx
etag: W/"661532a9-a5c1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 24 Apr 2024 07:25:14 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EDE8 16 KB
12 KB 162ms
119ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

01be1393891a8b8be242acadcc3878bd3fa03c3d91bbfddc8adf1ec0160028c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12270
x-xss-protection: 0

GET
H2 200 container.html
a83c80b51ce4b6fa0ed3b2fd970db3a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B516 0
0 100ms
28ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a83c80b51ce4b6fa0ed3b2fd970db3a2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Apr 2024 07:25:14 GMT
expires: Wed, 23 Apr 2025 07:25:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2D9B 830 B
433 B 501ms
501ms Fetch
text/plain 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1712715735337443&correlator=2066135425698282&eid=31079957%2C31082397%2C31082137&output=ldjh&gdfp_req=1&vrg=202404170101&ptt=17&impl=fif&iu_parts=96628199%3A22843942346%2Cde_shf.ch_v2%2Cde_shf.ch_v2_2848&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600%7C300x600%7C1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1713857114011&lmt=1713857114&adxs=1068&adys=184&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4z8izxqwi30n&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&nhd=1&url=https%3A%2F%2Fshf.ch%2F&ref=https%3A%2F%2Fshf.ch%2F&top=https%3A%2F%2Fshf.ch%2F&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ga_vid=2073636739.1713857114&ga_sid=1713857114&ga_hid=1048868186&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYlN_gzvAxSABSAghkEhkKCnB1YmNpZC5vcmcYlN_gzvAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGJTf4M7wMUgAUgIIZBIXCghydGJob3VzZRiU3-DO8DFIAFICCGQSGQoKdWlkYXBpLmNvbRiU3-DO8DFIAFICCGQSFAoFb3BlbngYlN_gzvAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiU3-DO8DFIAFICCGQ.&dlt=1713857112875&idt=1110&ppid=00000002621963797953161830tgbuzi&prev_scp=hb_pb%3D0.30&adks=221310055&frm=23&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f2.1e100.net

Software

cafe /

Resource Hash

8a97520f07039becd997dd5f12a3faec9dafa220cb7f9adabb728ed90b47049c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 402
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://shf.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2D9B 16 KB
12 KB 227ms
71ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202404170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

0ff2d1ce8b3a524d0345700a60570f1f8b205a37504139daa2397a8d447d1331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12609
x-xss-protection: 0

GET
H2 200 container.html
63c19cf8a8009731ceaa7e1a4a870d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E6C8 0
0 110ms
29ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://63c19cf8a8009731ceaa7e1a4a870d46.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 23 Apr 2024 07:25:14 GMT
expires: Wed, 23 Apr 2025 07:25:14 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/ Frame EDE8
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fshf.ch%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fshf.ch%2F&rid=esp&cc=1

85 B
194 B

140ms
139ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fshf.ch%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 2c7c01f7a0ecaeb3d1365858b94ff316030636a7e9b1023ea14150aa290f2918

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-kHDJ175QGtQG7znfRpNStTk7S2M"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://shf.ch
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Tue, 23 Apr 2024 07:25:14 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://shf.ch
location: /esp?url=https%3A%2F%2Fshf.ch%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame EDE8 235 B
686 B 140ms
51ms XHR
application/json 52.211.13.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.13.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-13-38.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e16c4f16c68c0851a23f9ce5f9f25168890b174353bf208b318312f212a91a50

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Apr 2024 07:25:14 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://shf.ch
cache-control: no-cache
x-server: 10.45.22.22
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ Frame EDE8 0
222 B 74ms
22ms XHR
text/plain 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://shf.ch
date: Tue, 23 Apr 2024 07:25:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe
gum.criteo.com/ Frame 52C3 0
0 94ms
32ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=shf.ch

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 Apr 2024 07:25:13 GMT
server: Kestrel
server-processing-duration-in-ticks: 300423
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EDE8 17 KB
7 KB 109ms
46ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 07:25:14 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D9B 17 KB
0 38ms
38ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202404170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 23 Apr 2024 07:25:14 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5AF8 0
0 70ms
21ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 35242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Apr 2024 21:37:52 GMT
expires: Tue, 22 Apr 2025 21:37:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame AA29 0
0 75ms
34ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9YXu72WIsEt7J_hlrNb7hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9YXu72WIsEt7J_hlrNb7hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 Apr 2024 07:25:14 GMT
expires: Tue, 23 Apr 2024 07:25:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 30B9 0
0 66ms
66ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 35242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Apr 2024 21:37:52 GMT
expires: Tue, 22 Apr 2025 21:37:52 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 89FA 0
0 73ms
73ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9YXu72WIsEt7J_hlrNb7hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9YXu72WIsEt7J_hlrNb7hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 23 Apr 2024 07:25:14 GMT
expires: Tue, 23 Apr 2024 07:25:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 batch
api.adnz.co/api/ws-events-sink/ 0
0 38ms
38ms Fetch 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-events-sink/batch?visitorId=2621963797953161830&hash=&uid=&events=W3sidHlwZSI6IkJJRF9SRVFVRVNUIiwiZXZlbnRJZCI6ODkzMDUzMDg3ODg3MTExOSwicGFnZUltcHJlc3Npb25JZCI6MTg0NzQzMTMzODg4MjksInVybCI6Imh0dHBzOi8vc2hmLmNoLyIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxNTYiLCJjcmVhdGVkIjoxNzEzODU3MTEzODg4LCJyZXF1ZXN0SWQiOiIyNzE2OTY3MzkxNzE3NDUzIiwiYmlkZGVycyI6WyJBUFBORVhVUyIsIlRFQURTIiwiSVgiLCJBTUFaT04iLCJCQyIsIkJUQSIsIkNPREUiLCJYQU5EUl9CQU5ORVIiLCJZQUxFT19QUkVCSUQiXSwic2l6ZXMiOlsiOTk0eDI1MCIsIjk5NHgxMTgiLCI3Mjh4OTAiLCI4MDB4MjUwIiwiOTcweDI1MCIsIjk5NHgyNTAiXSwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIn19LHsidHlwZSI6IkJJRF9SRVFVRVNUIiwiZXZlbnRJZCI6ODcxMzc1MDM5OTYxMDc2NSwicGFnZUltcHJlc3Npb25JZCI6MTg0NzQzMTMzODg4MjksInVybCI6Imh0dHBzOi8vc2hmLmNoLyIsImJvZHkiOnsiaGVhZGVyVGFnSWQiOiIxNTYiLCJjcmVhdGVkIjoxNzEzODU3MTEzODg4LCJyZXF1ZXN0SWQiOiIyNzE2OTY3MzkxNzE3NDUzIiwiYmlkZGVycyI6WyJBUFBORVhVUyIsIlRFQURTIiwiSVgiLCJBTUFaT04iLCJCQyIsIkJUQSIsIkNPREUiLCJYQU5EUl9CQU5ORVIiLCJZQUxFT19QUkVCSUQiXSwic2l6ZXMiOlsiMzAweDYwMCIsIjE2MHg2MDAiLCIzMDB4NjAwIl0sImRpdklkIjoiYWRuel9oYWxmcGFnZV8xIn19LHsidHlwZSI6IkhFQURFUl9BVUNUSU9OIiwiZXZlbnRJZCI6ODE5Mzk4NjY4OTU0OTg0OSwicGFnZUltcHJlc3Npb25JZCI6MTg0NzQzMTMzODg4MjksInVybCI6Imh0dHBzOi8vc2hmLmNoLyIsImJvZHkiOnsiYWRUYWdJZCI6MTU2LCJkaXZJZCI6ImFkbnpfd2lkZWJvYXJkXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIyODQ3In19LHsidHlwZSI6IkhFQURFUl9BVUNUSU9OIiwiZXZlbnRJZCI6NTAwMDczMzU1NTk1MDc4MywicGFnZUltcHJlc3Npb25JZCI6MTg0NzQzMTMzODg4MjksInVybCI6Imh0dHBzOi8vc2hmLmNoLyIsImJvZHkiOnsiYWRUYWdJZCI6MTU2LCJkaXZJZCI6ImFkbnpfaGFsZnBhZ2VfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjI4NDgifX0seyJ0eXBlIjoiSEVBREVSX0FMTE9XRUQiLCJldmVudElkIjozMzY0NTQ0MjI2Mjc1OTM1LCJwYWdlSW1wcmVzc2lvbklkIjoxODQ3NDMxMzM4ODgyOSwidXJsIjoiaHR0cHM6Ly9zaGYuY2gvIiwiYm9keSI6eyJhZFRhZ0lkIjoxNTYsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjI4NDcifX0seyJ0eXBlIjoiSEVBREVSX0FMTE9XRUQiLCJldmVudElkIjo3NTA3NDY5MjQ0MDA0MjcsInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjE1NiwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIyODQ4In19LHsidHlwZSI6IkhFQURFUl9HUFRfSU5KRUNURUQiLCJldmVudElkIjoxMzk0MzQyNDE2NjY0NzMzLCJwYWdlSW1wcmVzc2lvbklkIjoxODQ3NDMxMzM4ODgyOSwidXJsIjoiaHR0cHM6Ly9zaGYuY2gvIiwiYm9keSI6eyJhZFRhZ0lkIjoxNTYsImRpdklkIjoiYWRuel93aWRlYm9hcmRfMSIsImlzUmVsb2FkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjI4NDcifX0seyJ0eXBlIjoiSEVBREVSX0dQVF9JTkpFQ1RFRCIsImV2ZW50SWQiOjQxNDg1NzQwODQ1NTU1MDksInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjE1NiwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIyODQ4In19XQ%3D%3D
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:14 GMT
ratelimit-reset: 1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xI%2FlexCmIAzl5rUOMwNFgSqf%2B3b%2FN3WoU1RjFPqhdxhX11hU3ekaNFUQQlqMbrSYh62L8Qccm%2FzNdw8FyvfFOOIb6501ejuwPR%2BSqUzoMQ4WPOEnwL%2FEKsLnOIYP"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shf.ch
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
ratelimit-limit: 100
cf-ray: 878c1e548b981ad7-FRA
ratelimit-remaining: 99
alt-svc: h3=":443"; ma=86400

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame A06F 0
0 67ms
31ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 444
content-type: text/html
date: Tue, 23 Apr 2024 07:25:14 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET sodar
pagead2.googlesyndication.com/pagead/ Frame EDE8 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ Frame 2D9B 0
0

GET
H3 204 batch
api.adnz.co/api/ws-events-sink/ 0
0 39ms
38ms Fetch 172.67.68.225
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adnz.co/api/ws-events-sink/batch?visitorId=2621963797953161830&hash=&uid=&events=W3sidHlwZSI6IkJJRF9XSU5ORVIiLCJldmVudElkIjo4NTI0NTU1MjIwNzI2MTE5LCJwYWdlSW1wcmVzc2lvbklkIjoxODQ3NDMxMzM4ODgyOSwidXJsIjoiaHR0cHM6Ly9zaGYuY2gvIiwiYm9keSI6eyJoZWFkZXJUYWdJZCI6IjE1NiIsImNyZWF0ZWQiOjE3MTM4NTcxMTQ1MTgsInNpemVNYXBwaW5nSWQiOiIiLCJzaXplIjoiIiwicmVxdWVzdElkIjoiMjcxNjk2NzM5MTcxNzQ1MyIsImRpdklkIjoiYWRuel9oYWxmcGFnZV8xIiwiYmlkZGVyU2NvcmVzIjp7IkFQUE5FWFVTIjpudWxsLCJURUFEUyI6bnVsbCwiSVgiOm51bGwsIkFNQVpPTiI6bnVsbCwiQkMiOm51bGwsIkJUQSI6bnVsbCwiQ09ERSI6bnVsbCwiWEFORFJfQkFOTkVSIjpudWxsLCJZQUxFT19QUkVCSUQiOm51bGwsIkdPT0dMRSI6MH19fSx7InR5cGUiOiJIRUFERVJfQURfSU1QUkVTU0lPTiIsImV2ZW50SWQiOjQyNzA0NTMyMTQxMjg2ODksInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjE1NiwiZGl2SWQiOiJhZG56X2hhbGZwYWdlXzEiLCJpc1JlbG9hZCI6ZmFsc2UsImlzRGVsaXZlcmVkIjpmYWxzZSwic2l6ZU1hcHBpbmdJZCI6IjI4NDgifX0seyJ0eXBlIjoiQklEX1dJTk5FUiIsImV2ZW50SWQiOjc4MjQ3MzExMDk2NTU3NTcsInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImhlYWRlclRhZ0lkIjoiMTU2IiwiY3JlYXRlZCI6MTcxMzg1NzExNDU4OSwic2l6ZU1hcHBpbmdJZCI6IiIsInNpemUiOiIiLCJyZXF1ZXN0SWQiOiIyNzE2OTY3MzkxNzE3NDUzIiwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiYmlkZGVyU2NvcmVzIjp7IkFQUE5FWFVTIjpudWxsLCJURUFEUyI6bnVsbCwiSVgiOm51bGwsIkFNQVpPTiI6bnVsbCwiQkMiOm51bGwsIkJUQSI6bnVsbCwiQ09ERSI6bnVsbCwiWEFORFJfQkFOTkVSIjpudWxsLCJZQUxFT19QUkVCSUQiOm51bGwsIkdPT0dMRSI6MH19fSx7InR5cGUiOiJIRUFERVJfQURfSU1QUkVTU0lPTiIsImV2ZW50SWQiOjgwMjY5OTk2OTc2MDg0MTEsInBhZ2VJbXByZXNzaW9uSWQiOjE4NDc0MzEzMzg4ODI5LCJ1cmwiOiJodHRwczovL3NoZi5jaC8iLCJib2R5Ijp7ImFkVGFnSWQiOjE1NiwiZGl2SWQiOiJhZG56X3dpZGVib2FyZF8xIiwiaXNSZWxvYWQiOmZhbHNlLCJpc0RlbGl2ZXJlZCI6ZmFsc2UsInNpemVNYXBwaW5nSWQiOiIyODQ3In19XQ%3D%3D
Requested by: Host: adnz.co
URL: https://adnz.co/dmp/publisher.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://shf.ch/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 07:25:16 GMT
ratelimit-reset: 1
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ipO8T6tT4QvV8pgLZNeFPEiI9jUCKZqAcW1qwxnuzrxjafxwERDygkzuifNztUDbqAfSAf09tz3O6ENY%2BX83%2Bn0HmslDjsoDbIAXKXtIEpidt76vStlQqxFhbbJk"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://shf.ch
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
ratelimit-limit: 100
cf-ray: 878c1e6149c41ad7-FRA
ratelimit-remaining: 99
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame 04D8 0
0 141ms
37ms Document
text/html 96.16.108.246

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 96.16.108.246 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Referer: https://shf.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 23 Apr 2024 07:25:17 GMT
ETag: "623de86a-cf34"
Expires: Wed, 24 Apr 2024 07:25:19 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404170101&jk=1131168402656695&bg=!tbaltvnNAAZ55ZTXWeU7ADQBe5WfOFll2OcNnD31kw_0fANP6lDm56P9UvqZFADLxbylp7SCm1GrvGH6yp0PlKewcBlGAgAAADBSAAAAAmgBB34ANTUIVXRuy5U1kySqZlutm3OvgEP1uFtxREBHbaY77hBKBRx-xQMqli3QgyME82A_vHhuJl_1mQLP7H6jJN4j1lVhtDE_wKpBt5raMbOnZCxQwCs5EAlzXYnXqMT8ufpQuhmKrHTDX8gW-xSsmfZzE7-wxnPW_w8uGAghHPbpxY2bsVhWhMa2HQAHvdK9skwG7WTcFaKK2kAv3G2NssY68dYIz9deZ0sfXnn3aZ6VGCVptYriFq7x_At1rZ2v3gCfcBWt67fvOvy1KxYVjIi2KCCBTTHoAxx_FNwzFyCM6qvJV9MnM0gErH0IQfgLsK7L1C7tF9VwGpC_nhTX7IrhlFF-vjXv6JMwrr6EmJ3kHscLu97F7IUiiYDaK1xxRmZdDZMwTom0UZk8GfXXxiETOXD5QpbBhzAB3DAD2tdFb5tjDlegJm3-gaDHjSL_MGoEr8FXhpOJ4fRU5emVBwxAIAlih24NEKM-dNGYl4MGIcQnncTjFe0yBDT9zfH0FLASfwyEnfOiJLxE1HUyNagj8wTMqnZn-V3HN-qvJJzFa1xddG2UmarObbVwf0tijltER3llRVE-GL3hEZ2Bjl8TrKIb_eEpxEQzxCiu3JjO3bjDXwbGl-Z0nElfqVQ4iM54WN8-l1hTL4tDMunvj_a9JrfqL4hiMxVeUCVADxTpzpcv8z2B71TdrGlzHrmkjbL1-HVangSTYENOjC2hmTZzLPlqI7UgfV3S7LyAp-7TNN4mgdsG4tEXkus9bWEuQPPn7k3wbodilwUfTA5NlbKBembwUg7WmZ6BwkfNAbh3pwwh5LE79ZIMb9kfHKw5F2Tj5q2oc1bYVIagCEKt9qWFX165aw0ihlW6419hzpQn_ZuKlltCmm5y9D330n0gBrVon60ad56U9zRfeEblE3E1Vm6_yY60ZC8LUCQn7iM5WT_WjDDFiyAoQyHts_p7qf_UGCPMlz4UXHcr6Y_9i_YlVq8pTNPFHcfQUFrJSPIwLxIjSj4ZHcpyGDBlIwlxCz5bw515Ol-GSDw

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202404170101&jk=1712715735337443&bg=!7-yl7KPNAAbzwaj-08E7ADQBe5WfOKc8Y5_JxiAd2o2rDYFACwa3W1oWX_oHoirpIF1l0GFyt2fe6hpECdEKSzJXvPlWAgAAAC5SAAAAAmgBB34ANcqgVQzpAIWRbufQAXtV1C4B7DxVx5hqdMLzQrkTsiGL3xeCKVcHmq7GaPMKdb8nSZ4YC3uXCgBC7o_bJjME7qN2GxvkDt8NlJuTlmusa7m9XcWmiNDcJdHvQ7YaGo9rjwwActXqFWApJV3lUusmME75irD7MCQi3tAomQLuDenEZKpRrfnDkeoyS0Q9geTMx2Q9VoH_P1j1-WRB2QDtIsKZ8jU3QT1RoQJRr8PbwKSfw0fkB23GXNq2zB2FA938ppJUwm_DqGpB1l4Ix-W3-7PuS4-a8K78-WgRrix1pOKOX-TOJa5PD-ZLPD7E4sAj9RfS_VYER6oWc6g0QjqMSXtCVMld6wYCTMONXoL124x6QMnviCmLk00xaxhW9yM2d36kCcLBKFj0lQilmPXqZAtKG3gAmrDoFNCTcV_7ObblLi-vt9A8VtHTc7SUNRKS8pJh_M_zkVXmnwN3WXCn_b9Pvi7rHWgcXCvHsYCkcJvswcb_3xCctIJvxqpe9gvoN5ygiMQWuu0AIlb_r55a55H1k7hwRYf2IvRjKowqUqU-IahGpJpKTnrDxaWftxi5jXoaPpuyqQjC-Rq5qX8OCcACmj1L4F8rH-l5d1b-h8d_E3HgQNvls5PyZ8sIk-uzCIZCLvfSruMjNxl5F6eJQ7-6BwlnE80ee2Wkm5yebj1Mbz3RlzRSMdHdZzdg7oc04wC1PbyeqAstrjtrTt7ysw3imMHvWwdkl2B1vACOE7wDTgSKTunbF3mGim-vjBgLPD9446azPfThMT2TE1Lyg6CWahewPSiKIKI_dOA57aXooZqpHzfLxS4Dd50qsihjxEE8EYxhW2WduoeN8wJgFCgoe3SHA1b1BLLliUAA_vtseGXa0Fm5OxrRlUQJybObrQZOKG9zxG4B8YSnC-sQd_MZazse4oCZUx1_g0UcNOidkAhgbVlUtFMViNlc8yTt4uuT5DKKlkru1eO1I5x-vxi4-d9G0ZyKAsor54ys4Ygto1HRumdxB6yGK4jBDUGpPEeW30gaio2A_qcQsYa4OVuYXSDMtNazpXsvhPRQQqd-l8RihHondedn3A9YTkkUU0PwkbFA_zDDOnFQf2ygvb2240vmm62r-G3ugOIktLHLj6-uR02wLDEQ8zrGJsUpHdvinNpdttkKP3j9

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.adnz.co/	1970-01-21 04:49:53	Name: adnzVisitorId Value: 2621963797953161830
.adnxs.com/	1970-01-20 22:13:53	Name: XANDR_PANID Value: mwF04SWD207RZUplEuCImSpvKYLGVyDmUH45umyqvJNqTTzzN0XEjAIQ9w7uoqIvFbb1n8IL7m5zQHYefDDcclcewIWJRNVIf5V7R6leZb0.
.adnxs.com/	1970-01-20 22:13:53	Name: icu Value: ChgI1odtEAoYASABKAEw2cSdsQY4AUABSAEQ2cSdsQYYAA..
.adnxs.com/	1970-01-21 05:40:17	Name: receive-cookie-deprecation Value:
.adnxs.com/	1970-01-20 22:13:53	Name: uuid2 Value: 1289745551405881806
.crwdcntrl.net/	1970-01-21 02:33:03	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-21 02:33:03	Name: _cc_id Value: 90bd6b549038180474c529d38ef419a5
.shf.ch/	1970-01-21 02:33:05	Name: _cc_id Value: 90bd6b549038180474c529d38ef419a5
.shf.ch/	1970-01-20 20:14:21	Name: panoramaId_expiry Value: 1714461914193
.shf.ch/	1970-01-20 20:14:21	Name: panoramaId Value: 3d9d925ecb50fbd6717cec13de27185ca02ca08a2dcda17bb058cdb9eb6e0449
.shf.ch/	1970-01-20 20:14:21	Name: panoramaIdType Value: panoDevice
.criteo.com/	1970-01-21 05:25:53	Name: uid Value: 274f42cc-7f12-44a6-8792-2c049bc3d2a1
.criteo.com/	1970-01-21 05:25:53	Name: receive-cookie-deprecation Value: 1
.openx.net/	1970-01-21 04:49:53	Name: i Value: e4c861e1-7c97-4f87-aae4-64d2b6c1e23e\|1713857114
.shf.ch/	1970-01-21 05:25:53	Name: cto_bundle Value: 9Z2pKl94Vk1WODElMkZvOU9YdmFiem9tb2lHelN2MSUyRnIlMkI3d0tBN3hveVBwZzJ0YkVYeUc3bld5Z0tuRFgwTXcwT3ZwbEw2VldXa053U1lVZnA0MWJLeEdlbzlUeSUyRkx2Y3FTNWludEtIWDRoUkkycFBBUUtJNHMySEJYTG1YcyUyQms1TEF5eFVNS3V3R3hkaTd0JTJGTFp4bjRUWUZOcVElM0QlM0Q
.openx.net/	1970-01-20 20:25:53	Name: pd Value: v2\|1713857114\|n0vNvQiygu
.shf.ch/	1970-01-21 05:25:53	Name: __gads Value: ID=176bf311f388742d:T=1713857114:RT=1713857114:S=ALNI_MYUToRgb0VLTatuhhyjjJc0nhxjPQ
.shf.ch/	1970-01-21 05:25:53	Name: __gpi Value: UID=00000dfbc418df77:T=1713857114:RT=1713857114:S=ALNI_MYifgCO8pv_GE6zSPuSZD36YOCpiA
.shf.ch/	1970-01-21 00:23:29	Name: __eoi Value: ID=f1a19d14e784d198:T=1713857114:RT=1713857114:S=AA-AfjYe5NdZ8Og92eu9XGl_XCFi
.doubleclick.net/	1970-01-21 05:40:17	Name: IDE Value: AHWqTUkN4NG4zM7yOlRzbnQIEd30W0h5TDTsrg0rEz0vuutuFE-moPXN0iWSQpcpUAY
.adform.net/	1970-01-20 20:47:29	Name: C Value: 1
.adform.net/	1970-01-20 21:30:41	Name: uid Value: 3772639117132191744
.amazon-adsystem.com/	1970-01-21 02:08:36	Name: ad-id Value: A8BCatwVmE52kz6bBXSybmQ
.amazon-adsystem.com/	1970-01-21 05:40:17	Name: ad-privacy Value: 0

41 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shf.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

63c19cf8a8009731ceaa7e1a4a870d46.safeframe.googlesyndication.com
a83c80b51ce4b6fa0ed3b2fd970db3a2.safeframe.googlesyndication.com
acdn.adnxs.com
adnz.co
api.adnz.co
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
epg.shf.ch
google-bidout-d.openx.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
invstatic101.creativecdn.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
player.vod2.infomaniak.com
securepubads.g.doubleclick.net
shf.ch
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
104.16.87.20
142.250.184.196
142.250.185.162
151.101.65.108
162.19.138.116
172.67.68.225
185.125.25.29
216.58.206.66
217.26.52.21
2600:9000:225b:3c00:a:e047:754:3401
2606:4700:10::6816:3556
2a00:1450:4001:806::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:81d::2001
2a02:2638:3::3
2a02:2638:3::c
34.102.146.192
34.120.107.143
34.96.70.87
34.98.64.218
37.252.171.52
52.211.13.38
65.9.66.122
87.245.122.111
96.16.108.246
0070c4287f1b8118d09f0c7c66b762f2fd3be90023f5833d64d89a197ef0f31c
01be1393891a8b8be242acadcc3878bd3fa03c3d91bbfddc8adf1ec0160028c8
0ff2d1ce8b3a524d0345700a60570f1f8b205a37504139daa2397a8d447d1331
16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9
1ae4ddd3577189a8eb7596b8701b46109c32a47e74ef772fce315f53ddaa372f
230aa1090b476e3a460ae9e79985d036125e35c824104e3d837a50b8099d10f6
235f31f0e88abdc27b4a2810234948a839b239d4cb22321fac3bc1cf0ab7342a
269584a5b367978c0a7e3dcaf6b2d18ce2d2adce172fdc63f1f8ef9bed5d8324
2c7c01f7a0ecaeb3d1365858b94ff316030636a7e9b1023ea14150aa290f2918
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
334f5dc1ad92103b23a13cdc1f75cf3bf3dae3c6823dad42b41535d848818658
3afdfd6a32e0fedc354f116c92727eff325da0096683bdd9aa640bb7281a0fa2
403bd2deef61e1f6610359aeaeff88267a3c3f9b2c58c121042449be9836fe06
49a70b5e3d49235c659640cf6de1414f1fe0ea5e044e2179616477b08aae04e1
4f85910870520c8a3f738cb9dd5bd843d7f9e8913f8396b1b4e34bf07293ff82
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b8e2bfff3dd904d036afafe2e6dfd7f6b94a58213ab96b2808f40cccc064a3c
6c261af82512bec39a14b2be72ce31572ef11866369311fb107840276bd33e0e
6ff3bf3a24748720f14368b9aeeb4041aa95e4f7696c182375a0bac7d0e605be
71eb11ec6af6382b7d873d1900a972390f18a8897964f41e8acd9f3a1b8fa14c
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
78423b821d1beb88f516d803163c822f488c90ea8d16e1af222fa68d1219df77
8a97520f07039becd997dd5f12a3faec9dafa220cb7f9adabb728ed90b47049c
8d4f97847b7c1455ae0ebbac89eec6d264cd8fc680302531835fee587d0de981
9543cc9aba48e0e0dcd5be94ec0b89fa1b46344a2e5df4c1c1a49eff62a6a745
97711cf6d03d55d6dfa7ba68473b2d0d3c64c963463100f87f6792a4d0d080c1
97accede2f2e075ed8efcab14acd0e54c9bd1eb5a68991a22f65965b19a65e8a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
ab861dc170dc2e43224e45278d3d31a675b9ebc34c9b0f48c066ca1eeaed8ee6
b202f101244a6a1edfe1dd9a2cba321fda4369f3a59af335fed01f1db27d5bd9
b440ec3021445265f4c70c7ecf8524f03cd7a5d6cbb048bd0b6675a2fd85ed6b
c1f3cd57b8712957e943a32cc034e9bd9020ca34461beccd1b54f6cd2bb7de92
c71f1aeee4189f436d219b57072e3a60878b36d2bceac8b35cc79f4b745003b6
cabf5609dd3ca129d4a52f774801221dd9715298f4d99d36959ce24dc3c716ad
dba577576f956494221d37cb3105c0e406f79c8670c328043e85c033c71f7a0f
e16c4f16c68c0851a23f9ce5f9f25168890b174353bf208b318312f212a91a50
e2cd908b3f7445c3564fe1fdfe5fb11ca4af9ffe495bc42b8c0d83fcfe091dc6
e388e19ca38c825b329e762c79c66bbd41bd334f18312c5e97fde0a8f64bca36
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6cd320c5ba515fef3997afe473332231160a2cb715f1a99679a7cefa1cf0be0

shf.ch Open in urlscan Pro 87.245.122.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

95 %HTTPS

28 %IPv6

16 Domains

25 Subdomains

26 IPs

6 Countries

559 kBTransfer

2143 kBSize

24 Cookies

7 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shf.ch Open in urlscan Pro
87.245.122.111 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

95 %
HTTPS

28 %
IPv6

16
Domains

25
Subdomains

26
IPs

6
Countries

559 kB
Transfer

2143 kB
Size

24
Cookies

65 HTTP transactions
0 data transactions