5.187.56.63 Open in urlscan Pro
5.187.56.63 Public Scan

URL:
http://5.187.56.63/
Submission: On September 24 via manual (September 24th 2020, 12:32:17 pm UTC) from LU

Summary HTTP 240 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 32 domains to perform 240 HTTP transactions. The main IP is 5.187.56.63, located in Switzerland and belongs to CORTEX-IT-AS http://www.cortex-it.ch, CH. The main domain is 5.187.56.63.

This is the only time 5.187.56.63 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
109	5.187.56.63 5.187.56.63	199092 (CORTEX-IT...) (CORTEX-IT-AS http://www.cortex-it.ch)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0b	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
5	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
2	143.204.215.110 143.204.215.110	16509 (AMAZON-02) (AMAZON-02)
1 2	151.252.10.121 151.252.10.121	49788 (NEXTHOP) (NEXTHOP)
2	46.105.202.39 46.105.202.39	16276 (OVH) (OVH)
1	2606:4700:10:... 2606:4700:10::6814:15ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	217.79.188.59 217.79.188.59	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	217.79.188.2 217.79.188.2	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	89.187.169.37 89.187.169.37	60068 (CDN77) (CDN77)
2	2a02:26f0:6c0... 2a02:26f0:6c00:283::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	212.47.171.67 212.47.171.67	6830 (LIBERTYGL...) (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
4	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1 7	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
1	35.156.63.21 35.156.63.21	16509 (AMAZON-02) (AMAZON-02)
1	99.86.243.25 99.86.243.25	16509 (AMAZON-02) (AMAZON-02)
1	13.35.43.129 13.35.43.129	16509 (AMAZON-02) (AMAZON-02)
4 5	3.126.112.135 3.126.112.135	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
2	145.234.241.155 145.234.241.155	206567 (TAMEDIA-AS) (TAMEDIA-AS)
1 1	40.74.50.168 40.74.50.168	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	68.232.35.125 68.232.35.125	15133 (EDGECAST) (EDGECAST)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 6	63.34.216.240 63.34.216.240	16509 (AMAZON-02) (AMAZON-02)
3 3	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
5	18.194.220.116 18.194.220.116	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	3.127.132.197 3.127.132.197	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	216.59.56.23 216.59.56.23	53334 (TUT-AS) (TUT-AS)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	216.59.56.193 216.59.56.193	53334 (TUT-AS) (TUT-AS)
1	216.58.208.38 216.58.208.38	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2006	15169 (GOOGLE) (GOOGLE)
5	2600:9000:214... 2600:9000:214f:b200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	151.101.36.84 151.101.36.84	54113 (FASTLY) (FASTLY)
19	104.244.38.20 104.244.38.20	7415 (ADSAFE-1) (ADSAFE-1)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	68.232.34.60 68.232.34.60	15133 (EDGECAST) (EDGECAST)
1	34.250.28.202 34.250.28.202	16509 (AMAZON-02) (AMAZON-02)
1	13.80.250.21 13.80.250.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	216.58.207.34 216.58.207.34	15169 (GOOGLE) (GOOGLE)
1	34.255.65.133 34.255.65.133	16509 (AMAZON-02) (AMAZON-02)
240	52

109 5.187.56.63 (Switzerland)

ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH)
PTR: 63-56-187-5.static.braincloud.ch

5.187.56.63	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.110 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-110.fra53.r.cloudfront.net

tdn.da-services.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.252.10.121 (Oslo, Norway) 1 redirects

ASN49788 (NEXTHOP, NO)
PTR: a-cre.tamedia.ch

www.bilan.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.202.39 (France)

ASN16276 (OVH, FR)

u.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:15ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.59 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.79.188.2 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ad1.adfarm1.adition.com

ad1.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.37 (Frankfurt am Main, Germany)

ASN60068 (CDN77, GB)
PTR: unn-89-187-169-37.cdn77.com

files.newsnetz.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:283::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.47.171.67 (Switzerland) 1 redirects

ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), AT)

bilan.wemfbox.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.22.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.63.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-63-21.eu-central-1.compute.amazonaws.com

weather.da-services.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-25.vie50.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.43.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-43-129.mxp64.r.cloudfront.net

beagle.prod.tda.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.126.112.135 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com

tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.234.241.155 (Zurich, Switzerland)

ASN206567 (TAMEDIA-AS, CH)

epaper.tamedia.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.74.50.168 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.r66net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.125 (United States)

ASN15133 (EDGECAST, US)

static.r66net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bvt.r66net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
box.r66net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 63.34.216.240 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-216-240.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.244 (Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.194.220.116 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-220-116.eu-central-1.compute.amazonaws.com

pexus.prod.tda.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zuba.prod.tda.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.132.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-132-197.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.59.56.23 (United States)

ASN53334 (TUT-AS, US)
PTR: customer.ipv4.totaluptime.com

u.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kwebstat.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

eab1a9882a5cb9a3b6d29ce9f5bcf179.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.241 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.59.56.193 (United States)

ASN53334 (TUT-AS, US)
PTR: customer.ipv4.totaluptime.com

content.videostep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.38 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f38.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:214f:b200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.36.84 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.244.38.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: sjedt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.34.60 (United States)

ASN15133 (EDGECAST, US)

video.r66net.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.28.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-28-202.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.80.250.21 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

paid.invibes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.65.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-65-133.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	adsafeprotected.com 1 redirects cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	198 KB
15	googlesyndication.com eab1a9882a5cb9a3b6d29ce9f5bcf179.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	31 KB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	137 KB
6	r66net.com 1 redirects k.r66net.com static.r66net.com bvt.r66net.com box.r66net.com video.r66net.com	32 KB
6	tda.link beagle.prod.tda.link pexus.prod.tda.link zuba.prod.tda.link	6 KB
6	googletagservices.com www.googletagservices.com	120 KB
5	facebook.net connect.facebook.net	228 KB
5	opecloud.com 4 redirects tagger.opecloud.com	2 KB
5	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	86 KB
4	videostep.com u.videostep.com content.videostep.com s.videostep.com kwebstat.videostep.com	2 KB
4	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	4 KB
3	google.com apis.google.com adservice.google.com	67 KB
3	gstatic.com fonts.gstatic.com	28 KB
3	wemfbox.ch 1 redirects bilan.wemfbox.ch	1 KB
3	pinterest.com assets.pinterest.com log.pinterest.com	20 KB
3	adition.com imagesrv.adition.com ad1.adfarm1.adition.com	11 KB
3	da-services.ch tdn.da-services.ch weather.da-services.ch	111 KB
2	2mdn.net s0.2mdn.net	38 KB
2	facebook.com www.facebook.com	242 B
2	google-analytics.com 1 redirects www.google-analytics.com	238 B
2	twitter.com platform.twitter.com	29 KB
2	tamedia.ch epaper.tamedia.ch
2	googletagmanager.com 1 redirects www.googletagmanager.com	39 KB
2	newsnetz.ch files.newsnetz.ch	58 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	heatmap.it u.heatmap.it	11 KB
2	bilan.ch 1 redirects www.bilan.ch	261 B
2	googleapis.com fonts.googleapis.com	2 KB
1	invibes.com paid.invibes.com	170 B
1	google.de adservice.google.de	168 B
1	sharethis.com sync.sharethis.com	167 B
1	linkedin.com platform.linkedin.com	55 KB
240	32

	Domain	Requested by
19	dt.adsafeprotected.com	5.187.56.63
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net 5.187.56.63 tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	1 redirects 5.187.56.63 www.googletagservices.com securepubads.g.doubleclick.net
6	pixel.adsafeprotected.com	1 redirects cdn.adsafeprotected.com securepubads.g.doubleclick.net 5.187.56.63
6	www.googletagservices.com	5.187.56.63 securepubads.g.doubleclick.net www.googletagservices.com s0.2mdn.net
5	static.adsafeprotected.com	pixel.adsafeprotected.com 5.187.56.63
5	pagead2.googlesyndication.com	ad.doubleclick.net www.googletagservices.com 5.187.56.63 securepubads.g.doubleclick.net
5	connect.facebook.net	5.187.56.63 connect.facebook.net
5	tagger.opecloud.com	4 redirects tdn.da-services.ch
4	zuba.prod.tda.link	beagle.prod.tda.link
3	secure.adnxs.com	3 redirects
3	cdn.krxd.net	5.187.56.63 cdn.krxd.net
3	fonts.gstatic.com	fonts.googleapis.com
3	bilan.wemfbox.ch	1 redirects 5.187.56.63
2	ade.googlesyndication.com	5.187.56.63
2	googleads4.g.doubleclick.net	5.187.56.63
2	s0.2mdn.net	5.187.56.63 s0.2mdn.net
2	www.facebook.com	connect.facebook.net 5.187.56.63
2	cm.g.doubleclick.net	2 redirects
2	stats.g.doubleclick.net	5.187.56.63
2	www.google-analytics.com	1 redirects 5.187.56.63
2	apis.google.com	5.187.56.63 apis.google.com
2	platform.twitter.com	5.187.56.63 platform.twitter.com
2	static.r66net.com	5.187.56.63 k.r66net.com
2	epaper.tamedia.ch	5.187.56.63
2	www.googletagmanager.com	1 redirects 5.187.56.63
2	assets.pinterest.com	5.187.56.63 assets.pinterest.com
2	files.newsnetz.ch	5.187.56.63
2	ad1.adfarm1.adition.com	5.187.56.63 ad1.adfarm1.adition.com
2	u.heatmap.it	5.187.56.63 u.heatmap.it
2	www.bilan.ch	1 redirects 5.187.56.63
2	tdn.da-services.ch	5.187.56.63 tdn.da-services.ch
2	fonts.googleapis.com	5.187.56.63
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	paid.invibes.com	5.187.56.63
1	kwebstat.videostep.com	5.187.56.63
1	beacon.krxd.net	cdn.krxd.net
1	video.r66net.com	5.187.56.63
1	box.r66net.com	5.187.56.63
1	bvt.r66net.com	5.187.56.63
1	log.pinterest.com	5.187.56.63
1	ad.doubleclick.net	www.googletagservices.com
1	s.videostep.com	5.187.56.63
1	content.videostep.com	k.r66net.com
1	ib.adnxs.com	tdn.da-services.ch
1	eab1a9882a5cb9a3b6d29ce9f5bcf179.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	u.videostep.com	k.r66net.com
1	consumer.krxd.net	cdn.krxd.net
1	sync.sharethis.com	5.187.56.63
1	pexus.prod.tda.link	5.187.56.63
1	k.r66net.com	1 redirects
1	beagle.prod.tda.link	tdn.da-services.ch
1	cdn.adsafeprotected.com	tdn.da-services.ch
1	weather.da-services.ch	tdn.da-services.ch
1	imagesrv.adition.com	5.187.56.63
1	rum-static.pingdom.net	5.187.56.63
1	platform.linkedin.com	5.187.56.63
240	59

This site contains links to these domains. Also see Links.

Domain
abo.bilan.ch
www.facebook.com
twitter.com
www.linkedin.com
epaper.bilan.ch
www.bilan.ch
femmesleaders.ch
plus.google.com
www.lematin.ch
www.lematindimanche.ch
www.24heures.ch
www.tdg.ch
www.femina.ch
www.tamedia.ch

Subject Issuer	Validity	Valid
*.bilan.ch GeoTrust RSA CA 2018	`2019-11-21` - `2021-11-20`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
weather.da-services.ch Amazon	`2019-11-16` - `2020-12-16`	a year	crt.sh
tdn.da-services.ch Amazon	`2020-05-12` - `2021-06-12`	a year	crt.sh
*.adsafeprotected.com Amazon	`2020-08-19` - `2021-09-18`	a year	crt.sh
beagle.prod.tda.link Amazon	`2020-04-06` - `2021-05-06`	a year	crt.sh
*.opecloud.com Amazon	`2020-07-30` - `2021-08-31`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
s12.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-02-07` - `2021-03-17`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
pexus.prod.tda.link Let's Encrypt Authority X3	`2020-08-06` - `2020-11-04`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
zuba.prod.tda.link Let's Encrypt Authority X3	`2020-09-05` - `2020-12-04`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
event.invibes.com COMODO RSA Domain Validation Secure Server CA	`2018-11-02` - `2020-11-16`	2 years	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2019-11-01` - `2020-12-01`	a year	crt.sh
s6.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-10-09` - `2020-11-09`	2 years	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
paid.invibes.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-13` - `2022-05-07`	2 years	crt.sh

This page contains 12 frames:

Primary Page: http://5.187.56.63/
Frame ID: F34208CC32AE8566ABDFE5B39AC3AF5F
Requests: 223 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=http%3A%2F%2F5.187.56.63
Frame ID: BDB22F14565C223F091E68EF6719CCF5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: A3F4F644F7569A2102AAE8A14F99B9C4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqOBrR2QBpRoTh-idmFovEteIpwK4Tlb8KjyUC8m_QZ9jsFeDKrEOTgLwZ6KbwJGXSqUwNpXAxCJk6zoyedRXYJCr1t72GrQfW7ZVKzk_TGOePYO-8kGLgbdaFIXeRf5N1ZXHA8pV1WgAG0Ck7Nay8LPg7g2RF8gP321p3XPul69W5yb-RVPdFq5CebsiZBcLYy3RmkNI01_JS3CFVsndSpCTNH6WBsew4GRyIMrRI3yxAY3CxLvPDgbwxAQ3zfz5F5qMIewsME19PGshjrIOCO3Xfd7yKLCYdFA53Qw&sig=Cg0ArKJSzCw1Ey8HMOz_EAE&urlfix=1&adurl=
Frame ID: 280B9CAB02040C281086DC644AEA63CA
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 77688B188922E962514F438010680771
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 92D61A7CDB6FB5971E3BD35AD30DA707
Requests: 1 HTTP requests in this frame

Frame: http://pixel.adsafeprotected.com/jload?anId=930546&campId=994x250&pubId=4554380394&chanId=21611370443&placementId=5482119049&pubCreative=138321150286&pubOrder=2734869073&cb=41742337&adsafe_par&impId=eb20f5e9-fe61-11ea-b058-02c790015d1e
Frame ID: 5D014140D5562A17A5CC12B063F57DD9
Requests: 2 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1211841CFA02A206CB14AA5D05A0A7AA
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 502B3660C5DFC3FFE1435635F59AE343
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/8203429/1600336020194/EDR_Chai_994x250_17Sept/index.html
Frame ID: 3CA650736BD8C5F4FA1243E9DDADCB1C
Requests: 1 HTTP requests in this frame

Frame: http://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: 1C297E9711AB059EF2996B146918131B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html
Frame ID: 42392D9F8B7B2185654BCDDD5A3DBFCF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers expires /19 Nov 1978/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

240
Requests

37 %
HTTPS

39 %
IPv6

32
Domains

59
Subdomains

52
IPs

9
Countries

3542 kB
Transfer

6161 kB
Size

1
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://abo.bilan.ch/tamstorefront/my-account
Title: Gérer mon abonnement

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MagazineBilan

Search URL Search Domain Scan URL

URL: https://twitter.com/bilanmagazine

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/bilan

Search URL Search Domain Scan URL

URL: http://epaper.bilan.ch/
Title: Epaper

Search URL Search Domain Scan URL

URL: http://www.bilan.ch/bourse
Title: Bourse

Search URL Search Domain Scan URL

URL: http://femmesleaders.ch/
Title: Femmes Leaders

Search URL Search Domain Scan URL

URL: http://www.bilan.ch/offres-dabonnements
Title: Abonnez vousà Bilan

Search URL Search Domain Scan URL

URL: http://www.bilan.ch/tag/brexit
Title: Brexit

Search URL Search Domain Scan URL

URL: http://www.bilan.ch/tag/energie
Title: Energie

Search URL Search Domain Scan URL

URL: https://plus.google.com/100250854475572764590/about

Search URL Search Domain Scan URL

URL: http://www.lematin.ch/
Title: Le Matin

Search URL Search Domain Scan URL

URL: http://www.lematindimanche.ch/
Title: Le Matin Dimanche

Search URL Search Domain Scan URL

URL: http://www.24heures.ch/
Title: 24heures

Search URL Search Domain Scan URL

URL: http://www.tdg.ch/
Title: Tribune de Genève

Search URL Search Domain Scan URL

URL: http://www.femina.ch/
Title: Femina

Search URL Search Domain Scan URL

URL: http://www.bilan.ch/content/conditions-generales-utilisation
Title: Conditions générales

Search URL Search Domain Scan URL

URL: http://www.bilan.ch/formulaire-de-contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.tamedia.ch/fr/marques/details/bilan
Title: Publicité

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

http://www.bilan.ch/sites/default/files/styles/odyssee_teaser__desktop/public/webdoc.jpg?version=1600950708 HTTP 301
https://www.bilan.ch/sites/default/files/styles/odyssee_teaser__desktop/public/webdoc.jpg?version=1600950708

Request Chain 112

http://assets.pinterest.com/js/pinit.js HTTP 307
https://assets.pinterest.com/js/pinit.js

Request Chain 118

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 124

http://www.googletagmanager.com/gtm.js?id=GTM-NMX72D HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-NMX72D

Request Chain 142

http://k.r66net.com/GetNativeLink HTTP 302
https://static.r66net.com/script_s1/native9.5.js

Request Chain 154

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 155

http://connect.facebook.net/fr_FR/all.js HTTP 307
https://connect.facebook.net/fr_FR/all.js

Request Chain 157

http://bilan.wemfbox.ch/cgi-bin/ivw/CP/HOME?r=&d=66775.48676985168&x=1600x1200 HTTP 302
http://bilan.wemfbox.ch/blank.gif

Request Chain 162

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658573682&utmhn=5.187.56.63&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Bilan%20%7C%20La%20r%C3%A9f%C3%A9rence%20suisse%20de%20l%27%C3%A9conomie%2C%20finance%2C%20immobilier%2C%20entreprises&utmhid=85062630&utmr=-&utmp=%2F&utmht=1600950709698&utmac=UA-25168856-1&utmcc=__utma%3D37670948.1517168362.1600950710.1600950710.1600950710.1%3B%2B__utmz%3D37670948.1600950710.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1581458460&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658573682&utmhn=5.187.56.63&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Bilan%20%7C%20La%20r%C3%A9f%C3%A9rence%20suisse%20de%20l%27%C3%A9conomie%2C%20finance%2C%20immobilier%2C%20entreprises&utmhid=85062630&utmr=-&utmp=%2F&utmht=1600950709698&utmac=UA-25168856-1&utmcc=__utma%3D37670948.1517168362.1600950710.1600950710.1600950710.1%3B%2B__utmz%3D37670948.1600950710.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1581458460&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25168856-1&cid=1517168362.1600950710&jid=1581458460&_v=5.7.2&z=1658573682

Request Chain 167

https://secure.adnxs.com/getuid?https://pexus.prod.tda.link/v1/create/$UID/f705d4c4da428d8bdba3a142338f2f20/http%253A%252F%252F5.187.56.63%252F HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpexus.prod.tda.link%2Fv1%2Fcreate%2F%24UID%2Ff705d4c4da428d8bdba3a142338f2f20%2Fhttp%25253A%25252F%25252F5.187.56.63%25252F HTTP 302
https://pexus.prod.tda.link/v1/create/7466566853891906677/f705d4c4da428d8bdba3a142338f2f20/http%3A%2F%2F5.187.56.63%2F

Request Chain 168

https://tagger.opecloud.com/goldbach/v2/custom-no-tagger?type=tasync&taid=f705d4c4da428d8bdba3a142338f2f20 HTTP 302
https://tagger.opecloud.com/goldbach/v2/custom-no-tagger?type=tasync&taid=f705d4c4da428d8bdba3a142338f2f20&trackability-redirect=true HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-pUp4FFXO0YvwOfYIwGiLWf%252BtgrLndtpTEw%253D%253D%26puid%3D%24UID HTTP 302
https://tagger.opecloud.com/appnexus/pbfs.gif?source=goldbach&state=2-pUp4FFXO0YvwOfYIwGiLWf%2BtgrLndtpTEw%3D%3D&puid=7466566853891906677 HTTP 302
https://cm.g.doubleclick.net/pixel?region=dbm&google_nid=1plusx_dmp&google_cm&state=2-WwDC5bRRCwAiXxpEGj4%2BwLox2sAWsRrpBw%3D%3D&source=goldbach HTTP 302
https://cm.g.doubleclick.net/pixel?region=dbm&google_nid=1plusx_dmp&google_cm=&state=2-WwDC5bRRCwAiXxpEGj4%2BwLox2sAWsRrpBw%3D%3D&source=goldbach&google_tc= HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?region=dbm&state=2-WwDC5bRRCwAiXxpEGj4%2BwLox2sAWsRrpBw%3D%3D&source=goldbach&google_gid=CAESEPHKF89BxLASi0_Os8Ht5Bs&google_cver=1 HTTP 302
https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-Td4PgdJdmpWKp4bK9%252BTWZZcfuGMYiIPqVw%253D%253D%26puid%3D

Request Chain 205

https://pixel.adsafeprotected.com/rfw/st/478291/47859056/skeleton.js?adsafe_url=http%3A%2F%2F5.187.56.63%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:ed466e64-7066-2404-d41a-93ac75a13e7f,c:peuIzv,sl:inView,em:true,fr:true,mn:app31ie,pt:1-5-15,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,nbld:0,fm:sbvA1Mx+11|12|13|14*.478291-47859056|141|142|151|152|161|162|163|17,idMap:14*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:101,oid:eb84c09c-fe61-11ea-b77b-06cc0da90f4d,v:19.8.130,sp:1,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

240 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
5.187.56.63/ 79 KB
22 KB 8353ms
8339ms Document
text/html 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.9
Resource Hash: 9e624535f718a559e16f5df9a7e66f3b3d985f31f420cf90ae87ae684fc8bc75

Request headers

Host: 5.187.56.63
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.4.6 (Ubuntu)
Date: Thu, 24 Sep 2020 12:31:48 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.9-1ubuntu4.9
X-Drupal-Cache: MISS
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Content-Language: fr
X-UA-Compatible: IE=edge,chrome=1
X-Generator: Drupal 7 (http://drupal.org)
Link: <http://5.187.56.63/>; rel="canonical",<http://5.187.56.63/>; rel="shortlink"
X-Backend-Container: c9783d20c1b8
Content-Encoding: gzip

GET
H/1.1 200
OK system.base.css
5.187.56.63/modules/system/ 5 KB
6 KB 48ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/modules/system/system.base.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:48 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:55 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97b-1534"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5428
Expires: Sat, 24 Oct 2020 12:31:48 GMT

GET
H/1.1 200
OK comment.css
5.187.56.63/modules/comment/ 184 B
535 B 76ms
48ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/modules/comment/comment.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: dd1c7822082e5d2cda6242df595462dffc97bfb4ec52b3dd9af2a9abb27bca82

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:48 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:34 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b2-b8"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 184
Expires: Sat, 24 Oct 2020 12:31:48 GMT

GET
H/1.1 200
OK ctools.css
5.187.56.63/sites/all/modules/contrib/ctools/css/ 509 B
861 B 76ms
48ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/ctools/css/ctools.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 596cb5efcea1a31463ea879d1830c58058ecb10823d09b03ff6e72722593c6d1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:48 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-1fd"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 509
Expires: Sat, 24 Oct 2020 12:31:48 GMT

GET
H/1.1 200
OK normalize.css
5.187.56.63/sites/all/themes/bilannew/css/ 19 KB
20 KB 76ms
48ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/normalize.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4cdbb39c2403a62d6b6866ac1812b9e3fa9c4890f955fee48debc0162621882e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:48 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:39 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72097-4cb2"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19634
Expires: Sat, 24 Oct 2020 12:31:48 GMT

GET
H/1.1 200
OK font.css
5.187.56.63/sites/default/files/fontyourface/ 249 B
600 B 74ms
47ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/default/files/fontyourface/font.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 62345672ef32d4e4c84da518c76da9c211ea4c9f89d3c7a11ddaf2eb6c3a579d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:48 GMT
Last-Modified: Tue, 19 May 2015 08:18:49 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "555af1e9-f9"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 249
Expires: Sat, 24 Oct 2020 12:31:48 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 8 KB
1 KB 30ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:800,regular|Open+Sans+Condensed:300&subset=latin-ext

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96387c7ded58309dcdfd08767009afd54d43e484551b9f331684237045de9e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 24 Sep 2020 12:31:48 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 24 Sep 2020 12:31:48 GMT

GET
H/1.1 200
OK matchMedia.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 971 B
1 KB 282ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/matchMedia.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: b6b9f0c1e0397a2ee66ea891142f7b9d17ae612805a50c1ce059ff7cd698f73f

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-3cb"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 971
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK css3-mediaqueries.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 16 KB
16 KB 287ms
33ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/css3-mediaqueries.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 9bb8c145723c9d3d978a354564a9350df5dd30f2c6a0ba75daaafa394a0f4a0c

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-3e92"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16018
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK jquery-1.6.4.min.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 90 KB
90 KB 288ms
34ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/jquery-1.6.4.min.js?v=1.6
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 951d6bae39eb172f57a88bd686f7a921cf060fd21f59648f0d20b6a8f98fc5a5

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-16615"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91669
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK jquery.once.js Show response
5.187.56.63/misc/ 3 KB
3 KB 286ms
32ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/misc/jquery.once.js?v=1.2
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:34 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b2-b9e"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2974
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK drupal.js Show response
5.187.56.63/misc/ 16 KB
17 KB 317ms
35ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/misc/drupal.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: ab29fc25c427a9b892875636a38cdcc27de97b17e8d23c0b2d5a09fb3b589474

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:55 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97b-419d"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16797
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK fb.js Show response
5.187.56.63/sites/all/modules/contrib/fb/ 15 KB
15 KB 318ms
35ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/fb/fb.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 9dc15c9237ce1b413a74264baa4cf011e93d898666e140a54c727a5684265814

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:55 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97b-3bd2"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15314
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK admin_devel.js Show response
5.187.56.63/sites/all/modules/contrib/admin_menu/admin_devel/ 982 B
1 KB 320ms
33ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/admin_menu/admin_devel/admin_devel.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: f4561a4ca61ea5d2f456a36665b1dbdd583ce113bd6040cd3c847f2654f738e2

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-3d6"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 982
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK fr_TJ2-21xMgKuq4b_Yw8ylt-kP0udawkQzCKikAqnGRJE.js Show response
5.187.56.63/sites/default/files/languages/ 9 KB
9 KB 323ms
32ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/default/files/languages/fr_TJ2-21xMgKuq4b_Yw8ylt-kP0udawkQzCKikAqnGRJE.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4c9dbedb5c4c80abaae1bfd8c3cca5b7e90fd2e75ac2443308a8a402a9c64491

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Nov 2017 14:55:45 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f9e071-2261"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8801
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK fbconnect.js Show response
5.187.56.63/sites/all/modules/contrib/fbconnect/ 8 KB
8 KB 326ms
32ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/fbconnect/fbconnect.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: b027444fa971caf8b3244a9f93bb928224b593b04c268949002c7929159de113

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-1f57"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8023
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK tamedia_newhomepage.js Show response
5.187.56.63/sites/all/modules/custom/tamedia_newhomepage/ 2 KB
2 KB 349ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/custom/tamedia_newhomepage/tamedia_newhomepage.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e0d0395fc9d3a1f6c1e749e5eeaa29c3ac8d2d83a6b979e33c4594b834881e56

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-649"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1609
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK in.js Show response
platform.linkedin.com/ 181 KB
55 KB 21ms
5ms Script
text/javascript 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.linkedin.com/in.js?async=true
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: Play /
Resource Hash: 5f0dd0fa7ad02b68fdacc938dfa1a1e1fc61d07f688e9b503c8bee84d16d88f9

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-UUID: 3c36wx22NxZA3Z/nRisAAA==
Date: Thu, 24 Sep 2020 12:31:48 GMT
Content-Encoding: gzip
X-CDN-CLIENT-IP-VERSION: IPV6
Server: Play
X-Li-Pop: prod-esv5
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Connection: keep-alive
X-LI-Proto: http/1.1
Content-Length: 55598
X-CDN: AKAM
X-Li-Fabric: prod-lor1
Expires: Thu, 24 Sep 2020 12:53:51 GMT

GET
H/1.1 200
OK twitter_button.js Show response
5.187.56.63/sites/all/modules/contrib/service_links/js/ 550 B
918 B 349ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/service_links/js/twitter_button.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 3eb091621ce3db9073798548130c3e40c035dd27858aecd9aa48f95ab3df983b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-226"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 550
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK google_plus_one.js Show response
5.187.56.63/sites/all/modules/contrib/service_links/js/ 1 KB
2 KB 351ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/service_links/js/google_plus_one.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a9425bf58095739ac9220679ea79198ab6917a0c9cb1be466241370af2b91022

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-55f"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1375
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK googleanalytics.js Show response
5.187.56.63/sites/all/modules/contrib/google_analytics/ 3 KB
4 KB 358ms
32ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/google_analytics/googleanalytics.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4da045456b8ace9bcd3f4b9fdbd20c279c465b748a5531ebbe05d7f453c0af5d

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:55 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97b-d53"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3411
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK facebook_share.js Show response
5.187.56.63/sites/all/modules/contrib/service_links/js/ 1 KB
2 KB 357ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/service_links/js/facebook_share.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c2ab66d101b0849e72774e3df7976216b15ab51b87a8615cd8c623a1bd97a8ea

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-54d"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1357
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK linkedin_share_button.js Show response
5.187.56.63/sites/all/modules/contrib/service_links/js/ 963 B
1 KB 380ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/service_links/js/linkedin_share_button.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: f71db38fdd60f6dd4d70d48a7ebdf62030aadd226604d4d6efe13e89e024b77e

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-3c3"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 963
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK jquery.flexslider-min.js Show response
5.187.56.63/sites/all/libraries/flexslider/ 21 KB
21 KB 383ms
35ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/libraries/flexslider/jquery.flexslider-min.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:55 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97b-53ae"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21422
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK klass.min.js Show response
5.187.56.63/sites/all/libraries/photoswipe/lib/ 1 KB
2 KB 381ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/libraries/photoswipe/lib/klass.min.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4f81ee19dd33fdd9156ec3b66c95e0efe005bbaa0b3cd27da92d9e4acc61db52

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b3-4b0"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1200
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK code.photoswipe.jquery-3.0.5.min.js Show response
5.187.56.63/sites/all/libraries/photoswipe/ 75 KB
76 KB 387ms
34ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/libraries/photoswipe/code.photoswipe.jquery-3.0.5.min.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 82003098565636ab958aed975f57a730a9f6114bcefaeb3a3d21a2b9e07c3aa9

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b3-12d46"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77126
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK CFInstall.min.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 4 KB
4 KB 390ms
32ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/CFInstall.min.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: cdde1b3594a86dbefb8f4c68dbd2a152b5af0ad57a9a5ae492dcad693769fb27

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-e0e"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3598
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK fastclick.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 11 KB
12 KB 392ms
33ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/fastclick.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 94bdc44e57c77dc3a02d7a3d14059f4a7d67d1d141a623acfa5c3513017a9795

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-2dd9"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11737
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK enquire.min.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 3 KB
3 KB 411ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/enquire.min.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 852cc61172072aab1725a467072e483626ff97aa4bc84175badb1a93268598b9

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-a1a"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2586
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK ads.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 1 KB
1 KB 412ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/ads.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a64ef1405411700c82222c062ac5acd66573635ad9978d16824945fdf648bfa0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 22 Nov 2017 09:35:34 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5a1544e6-401"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1025
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK device.min.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 3 KB
4 KB 416ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/device.min.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 1b5c7a13ae84c74a93a18a23eca7a8ba5654a9282bb936bbd8f3f280cfa7dfe6

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-d72"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3442
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK scriptnew.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 2 KB
3 KB 421ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/scriptnew.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 0171cc6aa23901dbbd53223a7c3f8b5a43bd9ddcf3c34f01a464d04748be20d9

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Fri, 23 Sep 2016 14:48:24 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "57e540b8-95f"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2399
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK SocialShare.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 21 KB
22 KB 423ms
33ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/SocialShare.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a0a2356ab4ecca2a4a174e53d6b9c4690e4bfd07bd24fe3bb6bcd337d4b412cc

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 10 Jan 2017 13:22:18 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5874e00a-55b7"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21943
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK fixto.min.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 9 KB
9 KB 423ms
32ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/fixto.min.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 65018b34848eb6741d45d2b003c3aeec4c8456d9c4da4d680593c1af935c190b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 05 Jul 2016 07:57:51 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "577b687f-225e"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8798
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK jquery.ba-resize.min.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 1 KB
1 KB 441ms
31ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/jquery.ba-resize.min.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-44a"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1098
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
18 KB 54ms
39ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js?t=732182929

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b846e3256bfb4b9904c071001321ec879ee871621dea0343f6ee87003df8374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "642 / 937 of 1000 / last-modified: 1600945841"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 17783
X-XSS-Protection: 0
Expires: Thu, 24 Sep 2020 12:31:49 GMT

GET
H/1.1 200
OK bilan.js Show response
tdn.da-services.ch/current/ 183 KB
58 KB 66ms
34ms Script
application/javascript 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://tdn.da-services.ch/current/bilan.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 143.204.215.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-110.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b9cbf26c51756e96056a34ebc26f54f39ed030cd740218997ed3e9cbee1b1cdc

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:12:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Sep 2020 12:23:52 GMT
Server: AmazonS3
Age: 1141
ETag: "6a524447bb6e29fc8e1218df66a21802"
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=utf-8
Via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 59157
X-Amz-Cf-Id: -gwCKTHl9qpwzLgp7jDuLpszpF80f1ssq0N7cSmRcGE5U5DB4H1Eaw==

GET
H/1.1 200
OK placement.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 12 KB
12 KB 443ms
32ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/placement.js?v1
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 8912192116f0edc9ff079644bce439d62a4281f346fb50f8a82bbea8114ede93

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Fri, 02 Feb 2018 08:40:28 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5a7423fc-2eb7"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11959
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK uber_eats_image_8.jpg
5.187.56.63/sites/default/files/styles/full__desktop/public/story/1073931/ 64 KB
64 KB 48ms
38ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/full__desktop/public/story/1073931/uber_eats_image_8.jpg?itok=zMnsq6mT
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 9307b97f740d9e4c37efda95e0723040d61b1b62b1fcec19e33830bc3a1e0e79

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 06 Nov 2018 17:27:16 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be1cef4-10048"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65608

GET
H/1.1 200
OK bitcoinneigehdmnb.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073613/ 10 KB
11 KB 45ms
35ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073613/bitcoinneigehdmnb.jpg?itok=_D4ib1XN
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 110d19eacf821d79321e5173aee2fd2482fb549213183bb08a99a4465bc6b1c2

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 22 Oct 2018 19:08:48 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bce2040-29af"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10671

GET
H/1.1 200
OK photo_2awerhar.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073615/ 18 KB
18 KB 43ms
34ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073615/photo_2awerhar.jpg?itok=4ErR_qIw
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: d30b98191efdb8888f03dfa599c41269a0e4a04a6c90d7c3c2e33e37e7017ad2

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 22 Oct 2018 19:12:34 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bce2122-4761"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18273

GET
H/1.1 200
OK 8991487.image_.jpeg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073853/ 22 KB
22 KB 45ms
35ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073853/8991487.image_.jpeg?itok=smirv0IG
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 5cbbd141da99c666fe92409c3b650fa641af1296b93668bd80a246a404f8a825

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Fri, 02 Nov 2018 14:49:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bdc63f9-576f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22383

GET
H/1.1 200
OK dji_osmo2.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072757/ 11 KB
11 KB 36ms
34ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072757/dji_osmo2.jpg?itok=PkZru7jm
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c7970725379a1ed295ccda35880bad25467bd8c7aaf5db0630b38078ba6d4a80

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Sun, 16 Sep 2018 12:42:58 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5b9e4fd2-2bda"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11226

GET
H/1.1 200
OK dumont_0.jpg
5.187.56.63/sites/default/files/styles/teaser__desktop/public/ 9 KB
10 KB 33ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/teaser__desktop/public/dumont_0.jpg?itok=hgDD9I-2
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c1ad19c22f61c4aefbcaacd4f83436e37d2036708e1ca20f73b8fcba7af80194

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 29 Mar 2017 09:56:53 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "58db84e5-2539"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9529

GET
H/1.1 200
OK meyersteven_blog.jpg
5.187.56.63/sites/default/files/styles/teaser__desktop/public/ 6 KB
6 KB 34ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/teaser__desktop/public/meyersteven_blog.jpg?itok=Dd5Go8DC
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 291feae463ef68618515309bf72a1056117824378a0f9bc36772696dee89caa5

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 13 Sep 2017 13:04:46 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59b92cee-168f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5775

GET
H/1.1 200
OK suzanne_hraba-renevey_0.jpg
5.187.56.63/sites/default/files/styles/teaser__desktop/public/ 5 KB
5 KB 32ms
31ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/teaser__desktop/public/suzanne_hraba-renevey_0.jpg?itok=QiDqlwbQ
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93724ea639c2a93df83c9924448bbaba20ba10d48990233bbb39b14df51adab9

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Thu, 30 Mar 2017 09:30:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "58dcd03b-1203"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4611

GET
H/1.1 200
OK emploi_tech-pixabay.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073951/ 16 KB
16 KB 33ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073951/emploi_tech-pixabay.jpg?itok=GmtgDC0d
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 8c061157f3f59743b80ee1e55c77f808c4034b67f538f23dcc67433fc50dd228

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Thu, 08 Nov 2018 07:52:48 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be3eb50-3eef"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16111

GET
H/1.1 200
OK sunrise-keystone.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073949/ 13 KB
13 KB 32ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073949/sunrise-keystone.jpg?itok=rPtQz6uc
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a10b5a8d53e9173fad201914d98a5dac42c1d72c381f81323da632f173e99b7c

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Thu, 08 Nov 2018 07:09:49 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be3e13d-334c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13132

GET
H/1.1 200
OK ubs-usa-reuters.jpeg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073947/ 19 KB
19 KB 34ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073947/ubs-usa-reuters.jpeg?itok=J-6EdGK5
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: f7610f32aa570979f562c28b29b95db132ce5139ab645ff5281e340eeb24c828

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Thu, 08 Nov 2018 06:57:17 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be3de4d-4cba"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19642

GET
H/1.1 200
OK tong_ren_tang.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073945/ 33 KB
33 KB 35ms
34ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073945/tong_ren_tang.jpg?itok=fSpB4Txz
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 399fd41b4edff964767c04138526a8c2b0ea1fb7467ed7bc8ca0a55de2443931

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Thu, 08 Nov 2018 06:42:51 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be3daeb-8258"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33368

GET
H/1.1

404
Not Found

webdoc.jpg
www.bilan.ch/sites/default/files/styles/odyssee_teaser__desktop/public/
Redirect Chain

http://www.bilan.ch/sites/default/files/styles/odyssee_teaser__desktop/public/webdoc.jpg?version=1600950708
https://www.bilan.ch/sites/default/files/styles/odyssee_teaser__desktop/public/webdoc.jpg?version=1600950708

0
0

439ms
291ms

Image
text/html

151.252.10.121
NEXTHOP

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bilan.ch/sites/default/files/styles/odyssee_teaser__desktop/public/webdoc.jpg?version=1600950708
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.252.10.121 Oslo, Norway, ASN49788 (NEXTHOP, NO),
Reverse DNS: a-cre.tamedia.ch
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location: https://www.bilan.ch/sites/default/files/styles/odyssee_teaser__desktop/public/webdoc.jpg?version=1600950708
Date: Thu, 24 Sep 2020 12:31:49 GMT
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK log.js Show response
u.heatmap.it/ 27 KB
11 KB 53ms
38ms Script
application/x-javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://u.heatmap.it/log.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 07:44:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Jun 2020 07:05:45 GMT
X-CDN-Pop-IP: 137.74.120.32/27
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 32129
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: max-age=604800
X-CDN-Pop: sbg
Accept-Ranges: bytes
Content-Length: 10998
X-Request-ID: 7438340
Expires: Thu, 24 Sep 2020 08:44:04 GMT

GET
H/1.1 200
OK prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 35ms
28ms Script
application/javascript 2606:4700:10::6814:15ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rum-static.pingdom.net/prum.min.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 2606:4700:10::6814:15ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0054cb907bee526169a8718932e3949ed5d5c6468342cf4daa7bd052c77b38c

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 13 May 2020 13:49:07 GMT
Server: cloudflare
Age: 4798
ETag: W/"5ebbfad3-1880"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5d7c864e3a360eab-FRA
cf-request-id: 0561b244e600000eab719ef200000001

GET
H/1.1 200
OK system.messages.css
5.187.56.63/modules/system/ 961 B
1 KB 68ms
47ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/modules/system/system.messages.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: d0bbad771a8a5ac5f9446791109693aeca1d676d44ced48f8514857f7d3e6fd0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:48 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b3-3c1"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 961
Expires: Sat, 24 Oct 2020 12:31:48 GMT

GET
H/1.1 200
OK system.theme.css
5.187.56.63/modules/system/ 4 KB
4 KB 72ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/modules/system/system.theme.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: ff7750952a601dbf03688b01a2eced6e5671a8335393eb063201bb732f12c99a

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:48 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b3-e7f"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3711
Expires: Sat, 24 Oct 2020 12:31:48 GMT

GET
H/1.1 200
OK date.css
5.187.56.63/sites/all/modules/contrib/date/date_api/ 4 KB
4 KB 102ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/date/date_api/date.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 1dbc835b3f505cbcddf95fc329ba74416a6247867c722a8c083d47641a64a0f4

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:55 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97b-e95"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3733
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK datepicker.1.7.css
5.187.56.63/sites/all/modules/contrib/date/date_popup/themes/ 4 KB
4 KB 103ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/date/date_popup/themes/datepicker.1.7.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 2260eb1cffb528a8fadcc8aa8c8f436593e0c2b8ec7540f690c8290ad6096bf9

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-e8a"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3722
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK date_repeat_field.css
5.187.56.63/sites/all/modules/contrib/date/date_repeat_field/ 2 KB
3 KB 102ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/date/date_repeat_field/date_repeat_field.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e3e880b171c00f7bc1cf208443b8dbb707c29d9736f35b07945ab6e8b8db8795

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-8f6"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2294
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK field.css
5.187.56.63/sites/all/modules/contrib/fences/ 457 B
809 B 101ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/fences/field.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 18ccaf807271688bbdfeab3a885e9339cbbf70de1f6f7c1be532370bfd36d221

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-1c9"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 457
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK node.css
5.187.56.63/modules/node/ 144 B
495 B 103ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/modules/node/node.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4569fbfef2a73b2369d1e070a2ce3511f5a8c6a22a7cd6d61baf4982e75a21ee

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:34 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b2-90"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK poll.css
5.187.56.63/modules/poll/ 809 B
1 KB 113ms
30ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/modules/poll/poll.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 339f934d19697dada0e0fbc9c0fcbec7d4b25aee42520fa15cb27334e8cc617b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:34 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b2-329"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 809
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK user.css
5.187.56.63/modules/user/ 2 KB
2 KB 135ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/modules/user/user.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b3-723"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1827
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK webform_pager.css
5.187.56.63/sites/all/modules/contrib/webform_pager/css/ 1 KB
2 KB 136ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/webform_pager/css/webform_pager.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 0c2ee587326344778fe7763d4d279fe5609ced8ee971968b7b996af8d4609ced

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:37 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b5-558"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1368
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK views.css
5.187.56.63/sites/all/modules/contrib/views/css/ 707 B
1 KB 137ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/views/css/views.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:37 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b5-2c3"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 707
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK fbconnect.css
5.187.56.63/sites/all/modules/contrib/fbconnect/ 1 KB
2 KB 137ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/fbconnect/fbconnect.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: d167d9827030a1e20cea805c76a3416ad83061e65684ca3ed05a9c93b5625cca

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-578"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1400
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK panels.css
5.187.56.63/sites/all/modules/contrib/panels/css/ 843 B
1 KB 135ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/modules/contrib/panels/css/panels.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: af400fc3600c1a1da35fbd012ad788f40a68d31ada8ebf2e8a84bc9d5e9fa603

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:36 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b4-34b"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 843
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK sl_sprites.css
5.187.56.63/sites/default/files/ 626 B
978 B 143ms
30ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/default/files/sl_sprites.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 068b733c8dc8a8344c5d16a7a2c6087bce5fa7a6b4d05398b189c57e5276fd06

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 29 Nov 2016 15:49:29 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "583da389-272"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 626
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK flexslider.css
5.187.56.63/sites/all/libraries/flexslider/ 4 KB
4 KB 169ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/libraries/flexslider/flexslider.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: d622f228812e8abba2a271adcded587ae3c3c9525b5349f2eb22625e1e7c4744

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b3-f04"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3844
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK photoswipe.css
5.187.56.63/sites/all/libraries/photoswipe/ 4 KB
4 KB 170ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/libraries/photoswipe/photoswipe.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 37d82f1024d93cfe2e90b9de4beb0f08778e6aeb9e1479ac465f2afd57808365

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:44:35 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed8b3-e4b"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3659
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK anonymous.css
5.187.56.63/sites/all/themes/bilannew/css/ 66 B
416 B 171ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/anonymous.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 3660a99d88add1131c80b896102f66d41bf68624896e53e721ff8d8709d9429b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-42"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK wireframes.css
5.187.56.63/sites/all/themes/bilannew/css/ 3 KB
3 KB 170ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/wireframes.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 8ead80b1fc14c5147010bcdf6e9b3cfe0c5396e4525e894be7bfa101648bbc4b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:37 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72095-a2b"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2603
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK responsive-sidebars.css
5.187.56.63/sites/all/themes/bilannew/css/layouts/ 26 KB
27 KB 172ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/layouts/responsive-sidebars.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 53f86ce47213f91beb0fdb718a114345daa2aa8db9ce72aa861f5d69c5380e9c

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:33 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72091-69eb"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27115
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK tabs.css
5.187.56.63/sites/all/themes/bilannew/css/ 5 KB
6 KB 175ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/tabs.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 01930af554cfa47329916293264c86983bec2ce8243135624d23069859ddeda9

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:38 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72096-1583"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5507
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK pages.css
5.187.56.63/sites/all/themes/bilannew/css/ 66 KB
66 KB 205ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/pages.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 9e72b4b672dd0bf17b5047a715fa68424360ec5f89f9aa0849979363ca5f84b4

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:31 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f7208f-106c3"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67267
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK blocks.css
5.187.56.63/sites/all/themes/bilannew/css/ 5 KB
6 KB 204ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/blocks.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 61113688d241c38b05a23132c7e306fe36a2d1a4758ae645dc2191114bc320b7

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:32 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72090-14b8"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5304
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK navigation.css
5.187.56.63/sites/all/themes/bilannew/css/ 9 KB
9 KB 205ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/navigation.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4be61592f76593200440c3421678edab585bb2609bffc4212033c99699c32efa

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:32 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72090-2293"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8851
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK views-styles.css
5.187.56.63/sites/all/themes/bilannew/css/ 3 KB
4 KB 203ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/views-styles.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a499b1ff1fd2d3208de908b41e3192c91b0fd3303f9c7a2014f7f6c6786d5b25

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:30 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f7208e-d0e"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3342
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK nodes.css
5.187.56.63/sites/all/themes/bilannew/css/ 144 KB
145 KB 208ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/nodes.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 12c87ec664ec38ac62588243911e5c724f8ca38c39d32268a1720cf6aa0f9eae

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:38 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72096-240f7"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 147703
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK comments.css
5.187.56.63/sites/all/themes/bilannew/css/ 5 KB
5 KB 211ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/comments.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 491078a322f95023a81170887789413a8739a8899d4b012784bd0b02ad048560

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:39 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72097-13bc"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5052
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK forms.css
5.187.56.63/sites/all/themes/bilannew/css/ 12 KB
12 KB 239ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/forms.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4140f57734221f565c801fb4643ec4b4b454eccb10fbdf9117acc6ea4c6ca24b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:38 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72096-2f6e"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12142
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK fields.css
5.187.56.63/sites/all/themes/bilannew/css/ 3 KB
3 KB 238ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/fields.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: ad16a692a0cf57c7ea52b76a8a682f747e91a94fa9bbac233558e5fac20bcba7

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:37 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72095-bf3"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3059
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK print.css
5.187.56.63/sites/all/themes/bilannew/css/ 4 KB
5 KB 238ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/print.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 88d512cc40ee5cc37b04b6691d193e920f2e1cd81fbac69ef0842b993d3049d8

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:38 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72096-10a4"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4260
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK add2home.css
5.187.56.63/sites/all/themes/bilannew/css/ 5 KB
5 KB 242ms
31ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/add2home.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c9c00ced5ab6492068e85cee58e9ed1157b9bc1a8bbd201eeedbd45d7842dc34

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-140b"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5131
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK jquery-ui-1.9.1.custom.min.css
5.187.56.63/sites/all/themes/bilannew/css/ 27 KB
27 KB 269ms
33ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/jquery-ui-1.9.1.custom.min.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: ab876d1286eab69197cdcb877e1d9d7fc3651746a657edd329ee8fb537298e83

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-6aaa"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27306
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK bilannew.css
5.187.56.63/sites/all/themes/bilannew/css/ 379 KB
379 KB 271ms
32ms Stylesheet
text/css 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: c50c5d69990f54337566b87532705a92b4ffb368165edcdd65b32afa01eee10c

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 30 Oct 2017 12:52:32 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59f72090-5ea19"
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 387609
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK capecranbouteilles.png
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073891/teaser/ 135 KB
135 KB 34ms
33ms Image
image/png 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073891/teaser/capecranbouteilles.png?itok=YYsBD_gM
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 157d4898f4e6bbadbd2b1f0ee93ac1a06ba76de7568ec9e86dcb49bf752f458a

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 05 Nov 2018 07:49:16 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bdff5fc-21b9d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138141

GET
H/1.1 200
OK adition.js Show response
imagesrv.adition.com/js/ 29 KB
9 KB 54ms
40ms Script
application/javascript 217.79.188.59
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: http://imagesrv.adition.com/js/adition.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 217.79.188.59 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 670e771fc712c606c8cfa04a9118b193afd0d5378b539d3a72e9a973eaad2087

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Aug 2020 14:15:52 GMT
ETag: "1759501300"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 8763

GET
H/1.1 200
OK js Show response
ad1.adfarm1.adition.com/ 1 KB
1 KB 67ms
43ms Script
application/x-javascript 217.79.188.2
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: http://ad1.adfarm1.adition.com/js?wp_id=2674635
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: cc211921e314f293043154a7902f3da41f2f00c7e0d2d48881336a8f0c00996f

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 14:31:49 +0200
Content-Encoding: gzip
Server: ADITIONSERVER v1.0
Transfer-Encoding: chunked
P3P: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Cache-Control: max-age=600
Connection: keep-alive
Content-Type: application/x-javascript
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK shutterstock_534464614_modif.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073197/ 16 KB
17 KB 33ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073197/shutterstock_534464614_modif.jpg?itok=_NrzOZhZ
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 40fd49cc47327c7da9ed5b7583c2e61898285a1e79b30c6080f3e832eada573b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 02 Oct 2018 23:12:53 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bb3fb75-411d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16669

GET
H/1.1 200
OK femmes_leaders382.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073869/ 17 KB
17 KB 33ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073869/femmes_leaders382.jpg?itok=ELpSpvhA
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 3c5e5359c27a373b46a55d683211e79fad98df01c9a1ba203d7f75e794d73c2d

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 05 Nov 2018 09:30:59 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be00dd3-44c2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17602

GET
H/1.1 200
OK 1.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073399/ 12 KB
12 KB 33ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073399/1.jpg?itok=T-bVGqEZ
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 084755d3447197524373d3dd7ef6b9329eb1c681877f0218191adc746e09a4ca

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Fri, 12 Oct 2018 10:36:05 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bc07915-307a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12410

GET
H/1.1 200
OK prixnobel.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073315/ 23 KB
24 KB 33ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073315/prixnobel.jpg?itok=wcmS9_wh
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: cdfe1a33ff2907533cff360284da7953ae95bfd9d8eec933212154e28822ce7f

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 08 Oct 2018 12:15:09 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bbb4a4d-5daa"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23978

GET
H/1.1 200
OK myret_pic_profil.png
5.187.56.63/sites/default/files/styles/teaser__desktop/public/ 50 KB
51 KB 32ms
32ms Image
image/png 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/teaser__desktop/public/myret_pic_profil.png?itok=XWiOSzZo
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 5548ea321932671fba2a5aa9a912d3f4a073727c9885c33d6b2e00413b1e3950

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 29 Mar 2017 09:34:23 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "58db7f9f-c953"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51539

GET
H/1.1 200
OK radonbernard2nb_web_0.jpg
5.187.56.63/sites/default/files/styles/teaser__desktop/public/ 4 KB
5 KB 32ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/teaser__desktop/public/radonbernard2nb_web_0.jpg?itok=EcGb_LCe
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4db995ceedbf2d625887e4ff319546ef3c4f462059b8b2ead92368f60c94ee4f

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 29 Mar 2017 13:08:05 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "58dbb1b5-11b5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4533

GET
H/1.1 200
OK levy_paul-edgar.jpg
5.187.56.63/sites/default/files/styles/teaser__desktop/public/ 5 KB
5 KB 32ms
31ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/teaser__desktop/public/levy_paul-edgar.jpg?itok=G8SvrS9b
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: f5eed12d4c265df78b87b39e4f4ed7561f35e69104cd58f2ae3e730ef63dd0e8

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 03 Oct 2017 14:49:51 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "59d3a38f-142e"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5166

GET
H/1.1 200
OK alexnb5.jpg
5.187.56.63/sites/default/files/styles/teaser__desktop/public/ 8 KB
8 KB 32ms
31ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/teaser__desktop/public/alexnb5.jpg?itok=kvFIvGt9
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 9c1b821b526015a86120b9adb87d4dbd03431772ce5fc122c69e71716610e4f6

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Sat, 09 Jun 2018 11:01:25 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5b1bb385-20b1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8369

GET
H/1.1 200
OK giussoni_olivia.jpeg
5.187.56.63/sites/default/files/styles/teaser__desktop/public/ 7 KB
7 KB 32ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/teaser__desktop/public/giussoni_olivia.jpeg?itok=GL0O2PHa
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 4e31c3ec3e18944be035086f9153437df43726b0090bd0bd1a7658224ed7b2f6

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 06 Mar 2018 06:44:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5a9e38e8-1a25"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6693

GET
H/1.1 200
OK img_2075.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073301/ 19 KB
19 KB 33ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073301/img_2075.jpg?itok=8sf88dz_
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e40f5ac3fe7b072cd1ecb3acbfe6a7e5f7010bc96caed07614f82e43e388262d

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Sun, 07 Oct 2018 20:41:12 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bba6f68-4a3a"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19002

GET
H/1.1 200
OK camille-vial-youtube-mirabaud.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073923/ 9 KB
9 KB 36ms
31ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073923/camille-vial-youtube-mirabaud.jpg?itok=YhAesO_Y
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 8a78502c1755dd4429d21d4feb9ae6f8b71c7d0a566131249946cc091d6e6679

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 06 Nov 2018 11:12:37 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be17725-2477"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9335

GET
H/1.1 200
OK vignette.png
files.newsnetz.ch/_nn/bilan/ 51 KB
51 KB 187ms
154ms Image
image/png 89.187.169.37
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://files.newsnetz.ch/_nn/bilan/vignette.png

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

HTTP/1.1

Server

89.187.169.37 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-89-187-169-37.cdn77.com

Software

BunnyCDN-DE1-601 /

Resource Hash

07b6825d504bbcb7f5a47193a9087ff5cdcb897dd2dc48673eff98e3791cc35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
CDN-EdgeStorageId: 565
Age: 0
CDN-CachedAt: 2020-09-24 14:31:49
CDN-PullZone: 119638
Connection: keep-alive
Content-Length: 51774
Access-Control-Allow-Origin: *
Last-Modified: Mon, 21 Mar 2016 15:01:06 GMT
Server: BunnyCDN-DE1-601
Strict-Transport-Security: max-age=60
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
CDN-Cache: MISS
CDN-Uid: b7c9ba0d-477f-47aa-a744-9ebfddf2293b
Cache-Control: max-age=300, stale-while-revalidate = 86400, stale-if-error = 86400
Access-Control-Allow-Credentials: true
CDN-RequestId: b9234bb7a87152dd0e225a091ce91a76
CDN-RequestCountryCode: FR
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 24 Sep 2020 15:29:43 GMT

GET
H/1.1 200
OK mcim01919046_karsten-ottenberg.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072729/ 10 KB
10 KB 33ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072729/mcim01919046_karsten-ottenberg.jpg?itok=sldz2AGm
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 3b85d4fbeeb7120f556a12dc8d9aa1adff5bb8233704b200d97f885845fceaa1

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Sat, 15 Sep 2018 11:23:40 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5b9cebbc-28ab"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10411

GET
H/1.1 200
OK softbankhdewvrght.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072753/ 15 KB
16 KB 33ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072753/softbankhdewvrght.jpg?itok=gMXURsbs
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 7bf5d5ccf83173c8ca3e08c81fe049a266a90098069bc26687ad33e068cca6f4

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Sun, 16 Sep 2018 12:02:22 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5b9e464e-3d84"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15748

GET
H/1.1 200
OK temenos-keystone.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073911/ 18 KB
18 KB 33ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073911/temenos-keystone.jpg?itok=ArBIIhcr
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 60f7dce94edb5f624ba3bf46aec3acaef9aebc2d37fb8d7780b24b8f64c2774c

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 05 Nov 2018 15:59:50 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be068f6-469d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18077

GET
H/1.1 200
OK tyBdrbKfQ1E.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/media-youtube/ 8 KB
8 KB 32ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/media-youtube/tyBdrbKfQ1E.jpg?itok=prXY4iYm
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: f9ed847a3d541ce0fc72ca4a1b534f700f91bc344457651de28b640b20308f33

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 15 Oct 2018 13:29:12 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bc49628-205f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8287

GET
H/1.1 200
OK youtubeurs.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073311/teaser/ 16 KB
16 KB 32ms
32ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073311/teaser/youtubeurs.jpg?itok=K91u5tGz
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 68f705da98a99fe833d6bc6be7b0b9835edaf4c0a0747148939975ef10264ea2

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 08 Oct 2018 07:19:40 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bbb050c-40e2"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16610

GET
H/1.1 200
OK capture_decran_2018-08-30_a_07.38.09.png
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072383/teaser/ 95 KB
96 KB 33ms
32ms Image
image/png 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072383/teaser/capture_decran_2018-08-30_a_07.38.09.png?itok=wRW1XNxW
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 5496b611dc9148eed30b7c3842e272c707d8ccb5509d4baa4bcee1f1fb7e53ba

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Thu, 30 Aug 2018 05:39:33 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5b878315-17d74"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97652

GET
H/1.1 200
OK breitling_dr.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073941/ 19 KB
19 KB 34ms
34ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073941/breitling_dr.jpg?itok=SqJeovwg
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 71504ef894c61c298b3ee7237468401b39e1eaf81a4a2a8bc9bf25ec00ff96b4

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 07 Nov 2018 16:13:45 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5be30f39-4a5d"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19037

GET
H/1.1 200
OK lausannepalacekeystone.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073697/ 23 KB
23 KB 33ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073697/lausannepalacekeystone.jpg?itok=KBehkl3n
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 43ac1352adfe09f2db7fbf679d4a5b9f51de454ccbfd8bc1b711c66dd0e8151e

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 24 Oct 2018 15:20:11 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bd08dab-5cdb"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23771

GET
H/1.1 200
OK baselworld2-keystone.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073455/ 22 KB
22 KB 33ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073455/baselworld2-keystone.jpg?itok=eRrBM1jW
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 5c2096fb64c613c33e93d3a728e97d5ee382c4ee7881d2e0d3e0aa3cf881597b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 16 Oct 2018 08:42:44 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bc5a484-5610"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22032

GET
H/1.1 200
OK vendanges-dr.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073795/ 27 KB
27 KB 34ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1073795/vendanges-dr.jpg?itok=KY5MrPXr
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 13edc0568104c15fd912199d31159f54c8ce5f9c5900966c706e255c799a48ed

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 30 Oct 2018 08:03:00 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5bd81034-6ae5"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27365

GET
H/1.1 200
OK vignes-keystone.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072343/ 23 KB
24 KB 37ms
36ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1072343/vignes-keystone.jpg?itok=Bjxa0yrW
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: cfd881273ab0599b6688b4fb0514346ef7b1f5a9cf239175f449da2231093d63

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 28 Aug 2018 15:31:05 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5b856ab9-5d72"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23922

GET
H/1.1 200
OK denz2.jpg
5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1071228/ 20 KB
21 KB 33ms
33ms Image
image/jpeg 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/default/files/styles/excusive__desktop/public/story/1071228/denz2.jpg?itok=TrOcjPH9
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a710429ac7e565b94b501cb96ee62c2261197d6d76cf414f9cf2462fc877fe10

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Fri, 06 Jul 2018 08:43:57 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5b3f2bcd-51ad"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20909

GET
H/1.1 200
OK script.js Show response
5.187.56.63/sites/all/themes/bilannew/js/ 27 KB
28 KB 47ms
36ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/all/themes/bilannew/js/script.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: b1e142370aa1c9210e06245d89ffce8b56444de631e84faf293b48af45ae2325

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Tue, 30 May 2017 08:04:01 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "592d2771-6dac"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28076
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H2

200

pinit.js Show response
assets.pinterest.com/js/
Redirect Chain

http://assets.pinterest.com/js/pinit.js
https://assets.pinterest.com/js/pinit.js

361 B
431 B

23ms
6ms

Script
application/javascript

2a02:26f0:6c00:283::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:283::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
status: 200
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=105
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

Redirect headers

Location: https://assets.pinterest.com/js/pinit.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK survey.js Show response
bilan.wemfbox.ch/2004/01/ 7 B
424 B 113ms
44ms Script
application/javascript 212.47.171.67
LIBERTYGLOBAL Lib...

General

Check archive.org

Show headers Download Go to

Full URL: http://bilan.wemfbox.ch/2004/01/survey.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 212.47.171.67 , Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), AT),
Reverse DNS
Software: s2.51.1 /
Resource Hash: 4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Thu, 24 Sep 2020 11:00:01 GMT
Server: s2.51.1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7
Content-Type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 12 KB
947 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/css/pages.css?qh5w01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6876c16e0cc93e18768cdd11ed2a63d316f059b26ae6a08237895921e528f697

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/pages.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:29:42 GMT
server: ESF
date: Thu, 24 Sep 2020 12:31:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Sep 2020 12:31:49 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:800,regular|Open+Sans+Condensed:300&subset=latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://5.187.56.63
Referer: http://fonts.googleapis.com/css?family=Open+Sans:800,regular|Open+Sans+Condensed:300&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 18:26:45 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:28 GMT
Server: sffe
Age: 151504
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9132
X-XSS-Protection: 0
Expires: Wed, 22 Sep 2021 18:26:45 GMT

GET
H/1.1 200
OK ga.js Show response
5.187.56.63/sites/default/files/googleanalytics/ 45 KB
46 KB 34ms
34ms Script
application/x-javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/sites/default/files/googleanalytics/ga.js?qh5w01
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 18 Apr 2018 06:11:23 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "5ad6e18b-b4c2"
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46274
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
H/1.1 200
OK controltag Show response
cdn.krxd.net/ 16 KB
5 KB 146ms
130ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.krxd.net/controltag?confid=KWRts6JV
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d0e18ce3035d36857c609cb49eff0ae1d1898765d79b504a3721b31042434715

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
Date: Thu, 24 Sep 2020 12:31:49 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 0
X-Cache: MISS, MISS, HIT
X-App-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4712
X-Served-By: config-service-a002-ash-prod.krxd.net, cache-bwi5133-BWI, cache-hhn4026-HHN
X-Response-Time: 1
X-Do-Esi: esi
X-Timer: S1600950710.549645,VS0,VE91
ETag: "95d7f19ca6a388b4350e88a2d55c388ecef16fe0"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=1200
Accept-Ranges: bytes
X-Age: 0
X-Cache-Hits: 0, 0, 1

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

52 KB
17 KB

57ms
56ms

Script
text/javascript

172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

4f1197f77238dce7d081a43b7e33c21c7ee63d9bbce0cbd2b8da1785115010e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "642 / 381 of 1000 / last-modified: 1600945960"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17601
x-xss-protection: 0
expires: Thu, 24 Sep 2020 12:31:49 GMT

Redirect headers

Date: Thu, 24 Sep 2020 12:04:19 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1650
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Thu, 24 Sep 2020 12:34:19 GMT

GET
H/1.1 200
OK / Show response
weather.da-services.ch/ 864 B
642 B 124ms
29ms XHR
application/json 35.156.63.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weather.da-services.ch/
Requested by: Host: tdn.da-services.ch
URL: http://tdn.da-services.ch/current/bilan.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.63.21 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-63-21.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.1 / Express
Resource Hash: 9f386d4d3589210ecbe7ec755e1bedc18e40324e473d1bf4df6163b4b12d37fe

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Content-Encoding: gzip
Server: nginx/1.14.1
X-Powered-By: Express
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 313

GET
H2 200 prebid3.6.0.js Show response
tdn.da-services.ch/libs/ 135 KB
52 KB 80ms
29ms Script
application/javascript 143.204.215.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tdn.da-services.ch/libs/prebid3.6.0.js
Requested by: Host: tdn.da-services.ch
URL: http://tdn.da-services.ch/current/bilan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.110 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-110.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: de2b6f2f43c98d0e66a02bcc6da59121858840859d091e0d215ae85bb9124146

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 17 Sep 2020 10:22:37 GMT
content-encoding: gzip
age: 612553
x-cache: Hit from cloudfront
status: 200
content-length: 53111
last-modified: Tue, 11 Feb 2020 08:46:37 GMT
server: AmazonS3
etag: "cffd9b4f4f87858166c772a3bc77e446"
content-type: application/javascript; charset=utf-8
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf567.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 7xlNze9gEsInfSHwTbHRYjsD79OxZlC6OAQ8xGii19s2uW_lTVxlzQ==
expires: Wed, 10 Feb 2021 08:46:31 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 111ms
36ms Script
application/javascript 99.86.243.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tdn.da-services.ch
URL: http://tdn.da-services.ch/current/bilan.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.25 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-25.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 18:28:44 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 08 Jul 2020 20:34:30 GMT
Server: AmazonS3
Age: 151386
ETag: W/"a8663f72a1dbe614b19f167a59af368d"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: yB1iRoXsoamIoIFi9wtmujsvArmoD3gKFDVbjHyKKbbib46NUeb3NA==

GET
H2 200 beagle.min.js Show response
beagle.prod.tda.link/scripts/bilan/ 13 KB
6 KB 131ms
37ms Script
application/javascript 13.35.43.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beagle.prod.tda.link/scripts/bilan/beagle.min.js
Requested by: Host: tdn.da-services.ch
URL: http://tdn.da-services.ch/current/bilan.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.43.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-43-129.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d51453f8c67401baea07d081615a2e9c802ad6f666d23fd61ceaf96bc181a71f

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 00:58:23 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 11:42:19 GMT
server: AmazonS3
age: 41607
etag: W/"2577562c598846f0aa94c7c1ead2ffec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=90000
x-amz-cf-pop: MXP64-C1
x-amz-cf-id: EIR0c5bzIykqD2z1q1UZp0iae4yzE1XP9y3Yl6mR0bhcdRpEs3MHug==
via: 1.1 c60d08323363c4861c206b74cb68eeb1.cloudfront.net (CloudFront)

GET
H2 204 optout Show response
tagger.opecloud.com/goldbach/v2/tagger/ 0
329 B 95ms
28ms XHR
text/plain 3.126.112.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagger.opecloud.com/goldbach/v2/tagger/optout
Requested by: Host: tdn.da-services.ch
URL: http://tdn.da-services.ch/current/bilan.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.112.135 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-112-135.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:49 GMT
status: 204
vary: Origin
p3p: CP="ADMa OUR IND DSP NON COR"
access-control-allow-origin: http://5.187.56.63
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-NMX72D
https://www.googletagmanager.com/gtm.js?id=GTM-NMX72D

118 KB
39 KB

35ms
35ms

Script
application/javascript

2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NMX72D

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88db58a7ffaee9c238329d26ef87f85de67c0acdf3572ffa7e68624937909874

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39462
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Sep 2020 12:31:49 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-NMX72D
Date: Thu, 24 Sep 2020 12:31:49 GMT
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40b287cd4cb83d6ff3d007e7e9ffc56c7753c21bfb69ee9976afd8f0abd9c544

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 204 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbd5cd8bbfd3ebc0e54ec612aa750a5459d884a936f6d853b0d24948702e8ba3

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 440 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a1642b43e44246c77f13c5f67f41b12b6b60568c8c9aead57de23578b8e24c9

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 263 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f59028e19a39f887f4f3655cd44631af144638c111cecea68f5d9a96b96d943f

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4c40b1f7d0a51143058d06b901f61020d4d6fbcb576e97c2380662106875e08

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e42b70ba670efbef99f7fca308fed36f00d180185ba45aecb6dfe1bed2bc04a1

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 500
Internal Server Error GetCustomFirst.ashx
epaper.tamedia.ch/ 0
0 14814ms
14799ms Image
text/html 145.234.241.155
TAMEDIA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://epaper.tamedia.ch/GetCustomFirst.ashx?product=Bilan&edition=Bilan&width=110
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
Protocol: HTTP/1.1
Server: 145.234.241.155 Zurich, Switzerland, ASN206567 (TAMEDIA-AS, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 433 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e0bae781528a9ee0bfa5867ab6a7e9eb3304ff864d31268957706c48cb60fac

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 126 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e457a1f5c855a40b853c0f8f6421db58c3e7b443444389e3ac1cb128bb02fc97

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/navigation.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 971 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d809ff33dbedea976423639f3d43504b61d9e882e5e65f617ee786b18855cc4c

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK icons.svg
5.187.56.63/sites/all/themes/bilannew/images/icons/ 62 KB
63 KB 35ms
35ms Image
image/svg+xml 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/all/themes/bilannew/images/icons/icons.svg
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 2e3a1a4fb83631af20b1939f1a86f1098ac8572ba9cd69c1d83974a9c4b52346

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-f956"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63830

GET
DATA 200
OK truncated
/ 814 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 828be7018fe99ca3ba8c2d44bb2db3469c8b7dcfd22d4b040ff58d5830e3d7b0

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://5.187.56.63
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 18:22:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 151766
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 22 Sep 2021 18:22:23 GMT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:800,regular|Open+Sans+Condensed:300&subset=latin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://5.187.56.63
Referer: http://fonts.googleapis.com/css?family=Open+Sans:800,regular|Open+Sans+Condensed:300&subset=latin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 18:42:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:44 GMT
Server: sffe
Age: 150548
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9192
X-XSS-Protection: 0
Expires: Wed, 22 Sep 2021 18:42:41 GMT

GET
H/1.1 200
OK banner Show response
ad1.adfarm1.adition.com/ 938 B
1 KB 30ms
30ms Script
text/javascript 217.79.188.2
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: http://ad1.adfarm1.adition.com/banner?sid=2674635&adjsver=3&fvers=&iframe=0&ref=&os=5&browser=11&userid=0&wi=463386964&ac=1&screen_res=6&prf[_tcf_enabled]=0&prf[_tcf_pp_personal]=0&wpt=J&clickurl=
Requested by: Host: ad1.adfarm1.adition.com
URL: http://ad1.adfarm1.adition.com/js?wp_id=2674635
Protocol: HTTP/1.1
Server: 217.79.188.2 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ad1.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e971016f98abb48687f5b4f7b3cc18136c635673363ea0d3df42d3b4bad19c9c

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 14:31:49 +0200
Content-Encoding: gzip
Server: ADITIONSERVER v1.0
Transfer-Encoding: chunked
P3P: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ 263 KB
92 KB 58ms
57ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js?t=732182929

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Thu, 24 Sep 2020 12:31:49 GMT

GET
H/1.1 204
No Content 5.187.56.63.js Show response
u.heatmap.it/conf/ 0
296 B 49ms
48ms Script
text/javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://u.heatmap.it/conf/5.187.56.63.js
Requested by: Host: u.heatmap.it
URL: http://u.heatmap.it/log.js
Protocol: HTTP/1.1
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
X-Cacheable: Cacheable
X-CDN-Pop-IP: 137.74.120.0/27
X-IPLB-Instance: 32129
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=60
X-CDN-Pop: sbg
X-Request-ID: 139134448
Expires: Thu, 24 Sep 2020 12:36:50 GMT

GET
H2

200

native9.5.js Show response
static.r66net.com/script_s1/
Redirect Chain

http://k.r66net.com/GetNativeLink
https://static.r66net.com/script_s1/native9.5.js

81 KB
29 KB

116ms
23ms

Script
application/javascript

68.232.35.125
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r66net.com/script_s1/native9.5.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.125 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: 90342ff21dc9939bda4652c7ecf43e11bf40b0b95cd1d0e835086e544776d6e8

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 09:00:47 GMT
server: ECS (fcn/4191)
age: 98709
status: 200
etag: "5f61d43f-1457b"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 29292
expires: Thu, 01 Oct 2020 12:31:49 GMT

Redirect headers

Location: https://static.r66net.com/script_s1/native9.5.js
Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:49 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: -1
Content-Length: 165
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK padlock-square.png
5.187.56.63/sites/all/themes/bilannew/images/ 720 B
1 KB 31ms
31ms Image
image/png 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/sites/all/themes/bilannew/images/padlock-square.png
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/css/pages.css?qh5w01
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 18c5fe0a5601b8289632c4b923c3d4903c36970bd625dae39731747771f5637f

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/pages.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Wed, 01 Jun 2016 12:47:56 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
ETag: "574ed97c-2d0"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 720
Expires: Sat, 24 Oct 2020 12:31:49 GMT

GET
DATA 200
OK truncated
/ 260 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bce2fefd1ddbd333378401368b02836f4f7aaf6a3a170654fc83a9c7989386f

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 632 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bdfbf9cdd5c9c10eb942c97af96a5fd954a09f831e61a4877e35ae47f8a93fb

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 373 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43dd2cacf58db0c875a23f9fd544f8500099633465eccfd2cc03207db1734c63

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 697 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b4021d453b39137a6e8d37f0d4bcaa4e3f1a59ac723b14015a1938165b5c81a

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK icone.png
files.newsnetz.ch/_nn/bilan/ 6 KB
6 KB 4901ms
4886ms Image
image/png 89.187.169.37
CDN77

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://files.newsnetz.ch/_nn/bilan/icone.png

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01

Protocol

HTTP/1.1

Server

89.187.169.37 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),

Reverse DNS

unn-89-187-169-37.cdn77.com

Software

BunnyCDN-DE1-601 /

Resource Hash

bbde3ff5fed56039f99b945ee83a75a032ab48a644b2711216846c2842ee373d

Security Headers

Name	Value
Strict-Transport-Security	max-age=60

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:54 GMT
CDN-EdgeStorageId: 601
Age: 0
CDN-CachedAt: 2020-09-24 14:31:54
CDN-PullZone: 119638
Connection: keep-alive
Content-Length: 5664
Access-Control-Allow-Origin: *
Last-Modified: Mon, 21 Mar 2016 15:46:32 GMT
Server: BunnyCDN-DE1-601
Strict-Transport-Security: max-age=60
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
CDN-Cache: MISS
CDN-Uid: b7c9ba0d-477f-47aa-a744-9ebfddf2293b
Cache-Control: max-age=300, stale-while-revalidate = 86400, stale-if-error = 86400
Access-Control-Allow-Credentials: true
CDN-RequestId: d68883f6bfb10cca466c6b3d1acc8437
CDN-RequestCountryCode: FR
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 24 Sep 2020 15:32:48 GMT

GET
DATA 200
OK truncated
/ 475 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ac461d1a2eeaa200087f5fb445efcf5273aa1537c0864d498e0c5c7cd7d81a3

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 500
Internal Server Error GetCustomFirst.ashx
epaper.tamedia.ch/ 0
0 14738ms
14724ms Image
text/html 145.234.241.155
TAMEDIA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://epaper.tamedia.ch/GetCustomFirst.ashx?product=Bilan&edition=Bilan&width=200
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
Protocol: HTTP/1.1
Server: 145.234.241.155 Zurich, Switzerland, ASN206567 (TAMEDIA-AS, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47b616d30999c5e634bec5c793355b249afe190f45740969551b69ca3e206557

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 105 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf38e36e83c03851ef6ad378a251217256a9a42547beea0d57fcbb8031241034

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/navigation.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 564 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab17cb7c7169d4b5a2dab9184812166bc873f3b9a07b1064da3fe31ad060effe

Request headers

Referer: http://5.187.56.63/sites/all/themes/bilannew/css/bilannew.css?qh5w01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

6ms
5ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81d6078e66f24f09358cda9a85554f79d39bb9c6f19ccb56c3e82dee5411872e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 7jyqx4lp6bJ09amf5tGRdQ==
status: 200
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Sep 2020 12:50:58 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1776
etag: "34d12f8a3a4749054c4110feb1c4a853"
x-fb-debug: K9JkGwsZufR7XYFNcL0k0HF5Fn+GNvwwZq4zBAr7YLO3p+uX+i3/YMN8PKDQux5JYQmTK6lp3Fh0bk9mzbjcug==
x-fb-trip-id: 664085054
x-fb-content-md5: 26e3390f39c3c1c8b6bf36b42fa3430b
date: Thu, 24 Sep 2020 12:31:49 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H2

200

all.js Show response
connect.facebook.net/fr_FR/
Redirect Chain

http://connect.facebook.net/fr_FR/all.js
https://connect.facebook.net/fr_FR/all.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/all.js

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

298d2de740f2359821ab89f152c7f1c09c08037ea9bb1d99022c8924cf63a791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Vo57slsT5LH3058OtqIAjA==
status: 200
cross-origin-resource-policy: cross-origin
expires: Thu, 24 Sep 2020 12:40:52 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "6054a3d43a8cb523a40cb7e5f9996abd"
x-fb-debug: 4GQYkpXMU35mEX8ngpFIoZ6O8C8aSlhW7APBzc6ClBkDBAkV+KIPTUJ4a4xK7aTB/A3NvHj6iMKIeD3XH15JmQ==
x-fb-trip-id: 664085054
x-fb-content-md5: abe8ff609d6070556b4b0db74f69fd1e
date: Thu, 24 Sep 2020 12:31:49 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/fr_FR/all.js
Non-Authoritative-Reason: HSTS

POST
H/1.1 200
OK jstats.php Show response
5.187.56.63/ 13 B
332 B 64ms
64ms XHR
text/javascript 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to

Full URL: http://5.187.56.63/jstats.php
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/js/jquery-1.6.4.min.js?v=1.6
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.9
Resource Hash: 1a01974678aaba9e960f271a176e0088814f8aeb6c03c3d87603ff1e17bb4006

Request headers

Accept: */*
Referer: http://5.187.56.63/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Server: nginx/1.4.6 (Ubuntu)
X-Backend-Container: c9783d20c1b8
X-Powered-By: PHP/5.5.9-1ubuntu4.9
Content-Type: text/javascript; charset=utf-8
Cache-Control: must-revalidate
Connection: keep-alive
Content-Length: 13
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1

200
OK

blank.gif
bilan.wemfbox.ch/
Redirect Chain

http://bilan.wemfbox.ch/cgi-bin/ivw/CP/HOME?r=&d=66775.48676985168&x=1600x1200
http://bilan.wemfbox.ch/blank.gif

43 B
426 B

29ms
29ms

Image
image/gif

212.47.171.67
LIBERTYGLOBAL Lib...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bilan.wemfbox.ch/blank.gif
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 212.47.171.67 , Switzerland, ASN6830 (LIBERTYGLOBAL Liberty Global (formerly UPC Broadband Holding, aka AORTA), AT),
Reverse DNS
Software: s2.51.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: s2.51.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Last-Modified: Thu, 24 Sep 2020 12:31:49 GMT
Server: s2.51.1
Transfer-Encoding: chunked
Content-Type: text/html
Location: /blank.gif
Cache-Control: max-age=0, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Expires: Tue, 22 Aug 2000 15:05:01 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 14ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://platform.twitter.com/widgets.js?_=1600950709659
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/js/jquery-1.6.4.min.js?v=1.6
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40AD) /
Resource Hash: a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 20:40:54 GMT
Server: ECS (fcn/40AD)
Age: 217
Etag: "a58136137a93f33c1d165df7d4d973f8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28881

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/sites/all/themes/bilannew/js/jquery-1.6.4.min.js?v=1.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f2c340d4d321d330481d603dedfbe6a1cc533ff6e604edbcb4fc86a15d2fb8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W3G6OvdLtFmu9FiiLmrQeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "925673017275770fc136d24fdea72590"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-W3G6OvdLtFmu9FiiLmrQeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 24 Sep 2020 12:31:49 GMT

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 69 KB
19 KB 8ms
8ms Script
application/javascript 2a02:26f0:6c00:283::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.1992740313920307
Requested by: Host: assets.pinterest.com
URL: http://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:283::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: e2abf908a6fecb708af1f845e267abbbe2d830ac89aeb8386088705e234704bb

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
status: 200
etag: "bf1e61646bf2db5735507d1a0f76d5ed"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=35
accept-ranges: bytes
content-length: 19131
access-control-expose-headers: X-CDN

GET
H/1.1 200
OK controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 28ms
26ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: cdn.krxd.net
URL: http://cdn.krxd.net/controltag?confid=KWRts6JV
Protocol: HTTP/1.1
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-CDN-Backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
Date: Thu, 24 Sep 2020 12:31:49 GMT
Content-Encoding: gzip
Age: 17012076
x-amz-server-side-encryption: AES256
X-Cache: HIT
Connection: keep-alive
Content-Length: 81295
X-Served-By: cache-hhn4026-HHN
Last-Modified: Wed, 11 Mar 2020 14:15:55 GMT
X-Timer: S1600950710.776057,VS0,VE0
ETag: "e4cdf7ad64ebac73f207c1ce55cc1727"
Content-Type: application/javascript
Via: 1.1 varnish
Expires: Sat, 09 Mar 2030 14:15:54 GMT
Cache-Control: public, max-age=315360000
Accept-Ranges: bytes
X-Cache-Hits: 57958

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658573682&utmhn=5.187.56.63&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Bilan%20%...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1658573682&utmhn=5.187.56.63&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Bilan%20...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25168856-1&cid=1517168362.1600950710&jid=1581458460&_v=5.7.2&z=1658573682

35 B
112 B

16ms
14ms

Image
image/gif

2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25168856-1&cid=1517168362.1600950710&jid=1581458460&_v=5.7.2&z=1658573682

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Sep 2020 12:31:49 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:49 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25168856-1&cid=1517168362.1600950710&jid=1581458460&_v=5.7.2&z=1658573682
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=a0436dd0e50f12064cc2f4e3fcec2f40&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

04415bd40349c8c9a02e642d14005fe68b6468f500ddc7cd596e118ee5f7ae66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://5.187.56.63
Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: D/gIe4Nd9vYy8/FZ32wL8g==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 59856
etag: "5b4eb9f285e80bb9fee381cf18f0ae9b"
x-fb-debug: gFCRA+VYW7E6z4gisypHhQ/L0Z9RFLQtJ6WCJtvUss8hxKFtfDjzX/Lx+c03WeHHepUL1erMXFTBaSvAbKfTpg==
x-fb-trip-id: 664085054
x-fb-content-md5: d7529858f858e536d4ac67259f063e6b
x-frame-options: DENY
date: Thu, 24 Sep 2020 12:31:49 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 24 Sep 2021 08:25:26 GMT

GET
H/1.1 200
OK pub Show response
pixel.adsafeprotected.com/services/ 1 KB
2 KB 72ms
56ms XHR
application/json 63.34.216.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.adsafeprotected.com/services/pub?anId=930546&slot=%7Bid:myFakeSlot,ss:%5B0.0%5D,p:myFakeSlot,t:display%7D&slot=%7Bid:tatm-bilan_test_wideboard,ss:%5B300.250,320.50,320.64,320.160,320.416,728.90,970.250,994.118,994.250,994.500,994.501,994.502%5D,p:46753895/fr-bilan.ch/inside-full-top/front,t:display%7D&slot=%7Bid:tatm-inside-full-economie,ss:%5B300.250,320.50,320.64,320.160,320.416,336.280,640.400,728.90,970.250,994.118,994.250%5D,p:46753895/fr-bilan.ch/inside-full-economie/front,t:display%7D&slot=%7Bid:tatm-inside-full-finance,ss:%5B300.250,320.50,320.64,320.160,320.416,336.280,640.400,728.90,970.250,994.118,994.250%5D,p:46753895/fr-bilan.ch/inside-full-finance/front,t:display%7D&slot=%7Bid:tatm-inside-full-entreprises,ss:%5B300.250,320.50,320.64,320.160,320.416,336.280,640.400,728.90,970.250,994.118,994.250%5D,p:46753895/fr-bilan.ch/inside-full-entreprises/front,t:display%7D&slot=%7Bid:tatm-inside-full-techno,ss:%5B300.250,320.50,320.64,320.160,320.416,336.280,640.400,728.90,970.250,994.118,994.250%5D,p:46753895/fr-bilan.ch/inside-full-techno/front,t:display%7D&slot=%7Bid:tatm-inside-full-luxe,ss:%5B300.250,320.50,320.64,320.160,320.416,336.280,640.400,728.90,970.250,994.118,994.250%5D,p:46753895/fr-bilan.ch/inside-full-luxe/front,t:display%7D&slot=%7Bid:tatm-outside-left,ss:%5B160.600,160.601,245.770,300.600,300.601%5D,p:46753895/fr-bilan.ch/outside-left/front,t:display%7D&slot=%7Bid:tatm-outside-right,ss:%5B160.600,245.770,300.600,500.1000%5D,p:46753895/fr-bilan.ch/outside-right/front,t:display%7D&slot=%7Bid:tatm-inside-full-pos1,ss:%5B300.250,300.600,320.50,320.64,320.160,320.416,336.280,728.90,960.800,970.250,994.118,994.250%5D,p:46753895/fr-bilan.ch/inside-full-pos1/front,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=8a4f92e8-fd13-766d-f978-033302929740&url=http%253A%252F%252F5.187.56.63%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: HTTP/1.1
Server: 63.34.216.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-216-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3055afce25f08e1e6b8ed259392ae6c654629aca534e61e969ff75fb7214fd11

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:49 GMT
X-Server-Name: app02.ie.303net.net
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: http://5.187.56.63
Access-Control-Expose-Headers: X-Server-Name
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Server: nginx

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: SWI0DLPBKq1xXSj7CyM/0Db4qmNpLwVNiTuo9VvOWFEdilS67tf2+C8v781LBVgZ5wt5+0JIjikqG+FLmZJyyA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 24 Sep 2020 12:31:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html
platform.twitter.com/widgets/ Frame BDB2 0
0 26ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=http%3A%2F%2F5.187.56.63
Requested by: Host: platform.twitter.com
URL: http://platform.twitter.com/widgets.js?_=1600950709659
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4187) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://5.187.56.63/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://5.187.56.63/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 743496
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 24 Sep 2020 12:31:49 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 01 Sep 2020 17:58:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4187)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H2

200

http%3A%2F%2F5.187.56.63%2F
pexus.prod.tda.link/v1/create/7466566853891906677/f705d4c4da428d8bdba3a142338f2f20/
Redirect Chain

https://secure.adnxs.com/getuid?https://pexus.prod.tda.link/v1/create/$UID/f705d4c4da428d8bdba3a142338f2f20/http%253A%252F%252F5.187.56.63%252F
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpexus.prod.tda.link%2Fv1%2Fcreate%2F%24UID%2Ff705d4c4da428d8bdba3a142338f2f20%2Fhttp%25253A%25252F%25252F5.187.56.63%25252F
https://pexus.prod.tda.link/v1/create/7466566853891906677/f705d4c4da428d8bdba3a142338f2f20/http%3A%2F%2F5.187.56.63%2F

2 B
251 B

94ms
29ms

Image
text/plain

18.194.220.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pexus.prod.tda.link/v1/create/7466566853891906677/f705d4c4da428d8bdba3a142338f2f20/http%3A%2F%2F5.187.56.63%2F

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.220.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-220-116.eu-central-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:50 GMT
server: nginx/1.17.10
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Requested-With, Origin
content-length: 2

Redirect headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:49 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 731.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid: f50a778d-fbc3-45f5-b15f-5ef976592407
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pexus.prod.tda.link/v1/create/7466566853891906677/f705d4c4da428d8bdba3a142338f2f20/http%3A%2F%2F5.187.56.63%2F
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

opx
sync.sharethis.com/
Redirect Chain

https://tagger.opecloud.com/goldbach/v2/custom-no-tagger?type=tasync&taid=f705d4c4da428d8bdba3a142338f2f20
https://tagger.opecloud.com/goldbach/v2/custom-no-tagger?type=tasync&taid=f705d4c4da428d8bdba3a142338f2f20&trackability-redirect=true
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-pUp4FFXO0YvwOfYIwGiLWf%252BtgrLndtpTEw%253D%253D%26puid%3D%24UID
https://tagger.opecloud.com/appnexus/pbfs.gif?source=goldbach&state=2-pUp4FFXO0YvwOfYIwGiLWf%2BtgrLndtpTEw%3D%3D&puid=7466566853891906677
https://cm.g.doubleclick.net/pixel?region=dbm&google_nid=1plusx_dmp&google_cm&state=2-WwDC5bRRCwAiXxpEGj4%2BwLox2sAWsRrpBw%3D%3D&source=goldbach
https://cm.g.doubleclick.net/pixel?region=dbm&google_nid=1plusx_dmp&google_cm=&state=2-WwDC5bRRCwAiXxpEGj4%2BwLox2sAWsRrpBw%3D%3D&source=goldbach&google_tc=
https://tagger.opecloud.com/dbm/opecs.gif?region=dbm&state=2-WwDC5bRRCwAiXxpEGj4%2BwLox2sAWsRrpBw%3D%3D&source=goldbach&google_gid=CAESEPHKF89BxLASi0_Os8Ht5Bs&google_cver=1
https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-Td4PgdJdmpWKp4bK9%252BTWZZcfuGMYiIPqVw%253D%253D%26puid%3D

42 B
167 B

113ms
28ms

Image
image/gif

3.127.132.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-Td4PgdJdmpWKp4bK9%252BTWZZcfuGMYiIPqVw%253D%253D%26puid%3D
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.132.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-132-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:50 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: gzip
status: 302
vary: Accept-Encoding
location: https://sync.sharethis.com/opx?rurl=https%3A%2F%2Ftagger.opecloud.com%2Fsharethis%2Fpbfs.gif%3Fsource%3Dgoldbach%26state%3D2-Td4PgdJdmpWKp4bK9%252BTWZZcfuGMYiIPqVw%253D%253D%26puid%3D
cache-control: no-cache, no-store, must-revalidate
content-length: 20
expires: 0

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.rMJI4WR09CY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCPRb_B1g8z3qIwl7l27GWLe47nxIA/ 137 KB
48 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.rMJI4WR09CY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCPRb_B1g8z3qIwl7l27GWLe47nxIA/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5754a78fea82bb52d068d3c64de5ab9ae7ed70de719090407bb2ade232a5b7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 19:45:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Sep 2020 19:28:50 GMT
server: sffe
age: 60354
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49024
x-xss-protection: 0
expires: Thu, 23 Sep 2021 19:45:55 GMT

GET
H2 200 199812707450378 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/199812707450378?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a5deff45596a591f49bbe15fdf9d87fe7d221dc41abbc46fab3f953338df321

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134842
x-xss-protection: 0
pragma: public
x-fb-debug: SySfm6uQnMnOjcY4gPxJ69WGK46B+WCbvQ0PKylzDA/8g+7n+4uHryhj/qz2gL7cDTpYUpRvLbxLlwCq95bnfg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 24 Sep 2020 12:31:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 26ms
25ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=432906663441736&input_token&origin=1&redirect_uri=http%3A%2F%2F5.187.56.63%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=a0436dd0e50f12064cc2f4e3fcec2f40&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
pragma: no-cache
x-fb-debug: Y5ra+5r/iono0fNELtVlT+7LAg4dMRuMr3Yg5E8gF3AjMtxTprFGMGWXH6n3ahaetwIJn+RaMfNciv5WCoR7nQ==
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Thu, 24 Sep 2020 12:31:49 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://5.187.56.63
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame A3F4 0
0 85ms
28ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: http://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://5.187.56.63/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://5.187.56.63/

Response headers

status: 200
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Thu, 24 Sep 2020 12:31:49 GMT
via: 1.1 varnish
age: 39445473
x-served-by: cache-hhn4054-HHN
x-cache: HIT
x-cache-hits: 1331455
x-timer: S1600950710.971889,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 /
www.facebook.com/tr/ 44 B
242 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=199812707450378&ev=PageView&dl=http%3A%2F%2F5.187.56.63%2F&rl=&if=false&ts=1600950709937&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=29&it=1600950709870&coo=false&rqm=GET

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 24 Sep 2020 12:31:49 GMT

POST
H2 200 page.json Show response
zuba.prod.tda.link/v1/dakt2/ 3 B
211 B 28ms
28ms XHR
application/json 18.194.220.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://zuba.prod.tda.link/v1/dakt2/page.json

Requested by

Host: beagle.prod.tda.link
URL: https://beagle.prod.tda.link/scripts/bilan/beagle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.220.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-220-116.eu-central-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Sep 2020 12:31:50 GMT
server: nginx/1.17.10
status: 200
vary: Origin
content-type: application/json; utf-8
access-control-allow-origin: http://5.187.56.63
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 3

OPTIONS
H2 200 page.json
zuba.prod.tda.link/v1/dakt2/ Frame 0
0 97ms
27ms Other 18.194.220.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://zuba.prod.tda.link/v1/dakt2/page.json

Protocol

Server

18.194.220.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-220-116.eu-central-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://5.187.56.63
Sec-Fetch-Mode: cors

Response headers

status: 200
server: nginx/1.17.10
date: Thu, 24 Sep 2020 12:31:50 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: http://5.187.56.63
access-control-max-age: 1728000
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 be7d9a40-d3d2-456f-a3c6-0aa6f4898c19 Show response
consumer.krxd.net/consent/get/ 235 B
427 B 107ms
51ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/be7d9a40-d3d2-456f-a3c6-0aa6f4898c19?idt=device&dt=kxcookie&callback=Krux.ns.tamedia.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: http://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8deacbf90ee1a4e546a72788e65506c2f9bf92e7fb8c05b86c78fd85044da344

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a008-dub-prod.krxd.net, cache-hhn4083-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1600950710.064833,VS0,VE25
content-length: 188
via: 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 native5.0.css
static.r66net.com/Content/ 7 KB
2 KB 26ms
23ms Stylesheet
text/css 68.232.35.125
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.r66net.com/Content/native5.0.css
Requested by: Host: k.r66net.com
URL: http://k.r66net.com/GetNativeLink
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.125 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash: 0f9e1698bb38f03444c2568a8c4766ba3e1d3eeaa01fd75c78dfaacab30861d7

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: gzip
last-modified: Sat, 15 Aug 2020 12:39:04 GMT
server: ECS (fcn/4191)
age: 430656
status: 200
etag: "5f37d768-1b82"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 1992
expires: Thu, 01 Oct 2020 12:31:50 GMT

GET
H3-Q050 200 collect
stats.g.doubleclick.net/r/ 35 B
93 B 17ms
15ms Image
image/gif 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?xyzNoCache=4xytcduu

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Sep 2020 12:31:50 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GetOptIn Show response
u.videostep.com/User/ 66 B
365 B 228ms
146ms Script
application/x-javascript 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://u.videostep.com/User/GetOptIn?callback=invibes.cb_6bpp697a
Requested by: Host: k.r66net.com
URL: http://k.r66net.com/GetNativeLink
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b5dd59c250b713e61b349967383976af3e809b8fe71f9e0d382325c2a63bca86

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: private
content-length: 183

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 16ms
16ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=5.187.56.63

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=5.187.56.63

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
7 KB 82ms
81ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3828981398586068&correlator=1191216362819075&output=ldjh&impl=fifs&eid=21067119%2C21066466%2C21067118%2C21067517%2C21066904%2C21067199%2C21067022&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200924&iu_parts=46753895%2Cfr-bilan.ch%2Cinside-full-top%2Cfront%2Coutside-left%2Coutside-right&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F4%2F3%2C0%2F1%2F5%2F3&prev_iu_szs=320x50%7C728x90%7C970x250%7C994x118%7C994x250%7C994x500%7C994x501%7C994x502%7C1x1%2C320x50%7C160x600%7C160x601%7C245x770%7C300x600%7C300x601%7C1x1%2C320x50%7C160x600%7C245x770%7C300x600%7C500x1000%7C1x1&fluid=height%2Cheight%2Cheight&fsbs=1%2C1%2C1&prev_scp=id%3Deb20f5e9-fe61-11ea-b058-02c790015d1e%26vw%3D40%252C50%252C60%26grm%3D40%252C50%252C60%252C70%7Cid%3Deb20f5ef-fe61-11ea-b058-02c790015d1e%26vw30%3D40%252C50%26vw%3D40%252C50%252C60%26vw05%3D40%26vw15%3D40%252C50%26grm%3D40%252C50%252C60%26vw10%3D40%252C50%7Cid%3Deb20f5f0-fe61-11ea-b058-02c790015d1e%26vw30%3D40%26vw%3D40%252C50%252C60%252C70%252C80%26vw05%3D40%252C50%252C60%252C70%252C80%26vw15%3D40%252C50%26grm%3D40%252C50%252C60%26vw10%3D40%252C50%252C60&eri=1&cust_params=pagetype%3Doverview%26orientation%3Dlandscape%26viewportwidth%3D1600%26viewportheight%3D1200%26screendensity%3D1%26weather_temp%3Dmittel%26weather%3Dregen%26weather_cluster%3Dregen%26forecast_weather%3Dgrd1bewoelkt%252Cgrd2bewoelkt%252Cgrd3bewoelkt%252Cgrd4na%252Csmd1na%252Csmd2bewoelkt%252Csmd3bewoelkt%252Csmd4bewoelkt%252Cbsd1regen%252Cbsd2regen%252Cbsd3sonnig%252Cbsd4regen%252Clud1regen%252Clud2regen%252Clud3bewoelkt%252Clud4regen%252Cvsd1bewoelkt%252Cvsd2bewoelkt%252Cvsd3na%252Cvsd4regen%252Cbed1regen%252Cbed2regen%252Cbed3sonnig%252Cbed4regen%252Ctid1regen%252Ctid2bewoelkt%252Ctid3bewoelkt%252Ctid4na%252Czhd1regen%252Czhd2regen%252Czhd3na%252Czhd4regen%252Cged1regen%252Cged2regen%252Cged3na%252Cged4na%252C%26forecast_temp%3Dgrd1kalt%252Cgrd2winterreifen%252Cgrd3winterreifen%252Cgrd4kalt%252Csmd1winterlich%252Csmd2winterlich%252Csmd3winterlich%252Csmd4winterlich%252Cbsd1kalt%252Cbsd2kalt%252Cbsd3kalt%252Cbsd4kalt%252Clud1kalt%252Clud2kalt%252Clud3kalt%252Clud4kalt%252Cvsd1kalt%252Cvsd2winterreifen%252Cvsd3kalt%252Cvsd4kalt%252Cbed1kalt%252Cbed2kalt%252Cbed3kalt%252Cbed4kalt%252Ctid1mittel%252Ctid2mittel%252Ctid3mittel%252Ctid4mittel%252Czhd1kalt%252Czhd2kalt%252Czhd3kalt%252Czhd4kalt%252Cged1kalt%252Cged2kalt%252Cged3kalt%252Cged4kalt%252C&cookie_enabled=1&bc=23&abxe=1&lmt=1600950710&dt=1600950710273&dlt=1600950708912&idt=888&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933&adks=3448966297%2C3024447463%2C767570071&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F5.187.56.63%2F&dssz=76&icsg=4503565327029260&mso=4194304&std=0&vis=1&scr_x=0&scr_y=0&psz=994x0%7C0x-1%7C0x-1&msz=728x90%7C160x-1%7C160x-1&ga_vid=1517168362.1600950710&ga_sid=1600950710&ga_hid=85062630&ga_fc=true&fws=128%2C640%2C640&ohw=0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

9cc13e93c7fbc4803e8ae73f94de9ce2277bd127d0c37ffeb5cee65d1d347319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6844
x-xss-protection: 0
google-lineitem-id: 5482119049,5482119049,5482119049
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138321150286,138320677586,138320682581
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://5.187.56.63
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
eab1a9882a5cb9a3b6d29ce9f5bcf179.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 73ms
39ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eab1a9882a5cb9a3b6d29ce9f5bcf179.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
861 B 102ms
48ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tdn.da-services.ch
URL: https://tdn.da-services.ch/libs/prebid3.6.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:50 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid: 5710dc21-6d02-4b2f-97c3-983ca159bf11
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://5.187.56.63
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 AdContent Show response
content.videostep.com/ 2 KB
1 KB 247ms
182ms Script
application/x-javascript 216.59.56.193
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.videostep.com/AdContent?location=http%3A%2F%2F5.187.56.63%2F&vId=5a9cp0m0&width=1600&height=1200&blk=&noc=true&oi=0&lnkBrk=&kw=Magazine%2C%C3%A9conomique%2Cde%2Cr%C3%A9f%C3%A9rence%2Cen%2CSuisse%2Cactualit%C3%A9s%2Canalyses%2Copinions%2CSuivez%2Cl%27actu%2Cfinanci%C3%A8re%2Cdes%2Centreprises%2Csuisses%2Cet%2Cinternationales%2CBilan%2CLa%2Csuisse%2Cl%27%C3%A9conomie%2Cfinance%2Cimmobilier&aci=divIvbsNative&reqAdCat=2&integType=0&purposes=false%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse%2Cfalse&advs=0&callback=invibes.cb_4rsoju44
Requested by: Host: k.r66net.com
URL: http://k.r66net.com/GetNativeLink
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.193 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: / ASP.NET
Resource Hash: ee5f6c1ce22ad6bf9485f79f68d83d8c0751b2359bca13d344656e0b9ceb7723

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: private
content-length: 931

GET
H2 200 PvPixel
s.videostep.com/Stat/ 95 B
134 B 137ms
134ms Image
image/png 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.videostep.com/Stat/PvPixel?location=http%3A%2F%2F5.187.56.63%2F&additionalInfo=5a9cp0m0%7C0%7C
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:49 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: private
content-length: 95

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 280B 0
0 61ms
60ms Fetch
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssqOBrR2QBpRoTh-idmFovEteIpwK4Tlb8KjyUC8m_QZ9jsFeDKrEOTgLwZ6KbwJGXSqUwNpXAxCJk6zoyedRXYJCr1t72GrQfW7ZVKzk_TGOePYO-8kGLgbdaFIXeRf5N1ZXHA8pV1WgAG0Ck7Nay8LPg7g2RF8gP321p3XPul69W5yb-RVPdFq5CebsiZBcLYy3RmkNI01_JS3CFVsndSpCTNH6WBsew4GRyIMrRI3yxAY3CxLvPDgbwxAQ3zfz5F5qMIewsME19PGshjrIOCO3Xfd7yKLCYdFA53Qw&sig=Cg0ArKJSzCw1Ey8HMOz_EAE&urlfix=1&adurl=

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Sep 2020 12:31:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 280B 5 KB
3 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8fd065d4e741b6c3f6613ac8817621fece035736d71a677dde931360f130930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:21:08 GMT
server: sffe
age: 1464
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2479
x-xss-protection: 0
expires: Thu, 24 Sep 2020 13:07:26 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/478291/47859056/ Frame 280B 45 KB
13 KB 140ms
64ms Script
application/javascript 63.34.216.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/478291/47859056/skeleton.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.216.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-216-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e83370bfc68363362fcf20cc6cc7500d33619a84d03ef235f757bfc6838c4a81

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: gzip
x-server-name: app31.ie.303net.net
status: 200
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 280B 75 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b317742277d72c28cb24020d61cc7daecd4e51e48a68a16440d26bf1a008a129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600860702447659"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28928
x-xss-protection: 0
expires: Thu, 24 Sep 2020 12:31:50 GMT

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 7768 0
0 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://5.187.56.63/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://5.187.56.63/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 24 Sep 2020 12:13:39 GMT
expires: Fri, 24 Sep 2021 12:13:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1091
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 92D6 0
0 6ms
5ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://5.187.56.63/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://5.187.56.63/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 24 Sep 2020 12:13:39 GMT
expires: Fri, 24 Sep 2021 12:13:39 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1091
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b142f2fc1b181088ebc5bd873a725bba5e4ea24b20874e7880b163f778765e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600860702447659"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27610
x-xss-protection: 0
expires: Thu, 24 Sep 2020 12:31:50 GMT

GET
H3-Q050 200 impl_v63.js Show response
www.googletagservices.com/dcm/ Frame 280B 30 KB
13 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v63.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62756d2616e4156e7f6a5524b5a6d8f64193e85f5d3b88be33cf8fe8a728d2bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 19:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 14:13:03 GMT
server: sffe
age: 62717
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12833
x-xss-protection: 0
expires: Thu, 23 Sep 2021 19:06:33 GMT

GET
H2 200 B24500238.280067600;dc_ver=63.176;sz=994x250;u_sd=1;dc_adk=2754632606;ord=w8epe2;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjrAVxx_MpkqxeWu_UGCgkxsAFdIuiZcZ8M4NwXmiH... Show response
ad.doubleclick.net/ddm/adj/N449.2806608TAMEDIA/ Frame 280B 34 KB
15 KB 131ms
75ms Script
text/javascript 216.58.208.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N449.2806608TAMEDIA/B24500238.280067600;dc_ver=63.176;sz=994x250;u_sd=1;dc_adk=2754632606;ord=w8epe2;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjrAVxx_MpkqxeWu_UGCgkxsAFdIuiZcZ8M4NwXmiH3R9uS9QEmV0Ojnc4ReydTSWafdnjjmoDQEoTQgut7V-_le_xM6mqDloiBOeBdNeMZvv55jyODqp4VCQCzwm3_MO8YuZ55zjUV7-GhqHOkF55OG0vubfiCDKpBhtuhA4ig8blgIXRfknHoI-BstFhCt18akcY7JwCwuAitfcT3E1s2q5j3nMQVeK4wodfE62PRlo01o0vDWlf7B0pgDKPuzE7FwAtjXc_OCFefuJNtLCgrtdub5Tkbw%26sig%3DCg0ArKJSzJZaEyaM4JKfEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,http%3A%2F%2F5.187.56.63%2F$0;xdt=0;crlt=4NtGKzxsDA;cmpl=4;sttr=19;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v63.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f38.1e100.net

Software

cafe /

Resource Hash

c4553b6ec30852a570f5b94ee550bffd3d3fea8080c28d4409a1036be26006ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15062
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_270.js Show response
s0.2mdn.net/879366/ Frame 280B 111 KB
38 KB 27ms
12ms Script
text/javascript 2a00:1450:4001:819::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_270.js

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f43d9041767ad4e3a5e6eea59eee3bedea16e48cdae144e80054b4d22c39243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://5.187.56.63
Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 13:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83837
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38898
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 16:59:21 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Sep 2020 13:14:33 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20200922/r20110914/elements/html/ Frame 280B 6 KB
3 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200922/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N449.2806608TAMEDIA/B24500238.280067600;dc_ver=63.176;sz=994x250;u_sd=1;dc_adk=2754632606;ord=w8epe2;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssjrAVxx_MpkqxeWu_UGCgkxsAFdIuiZcZ8M4NwXmiH3R9uS9QEmV0Ojnc4ReydTSWafdnjjmoDQEoTQgut7V-_le_xM6mqDloiBOeBdNeMZvv55jyODqp4VCQCzwm3_MO8YuZ55zjUV7-GhqHOkF55OG0vubfiCDKpBhtuhA4ig8blgIXRfknHoI-BstFhCt18akcY7JwCwuAitfcT3E1s2q5j3nMQVeK4wodfE62PRlo01o0vDWlf7B0pgDKPuzE7FwAtjXc_OCFefuJNtLCgrtdub5Tkbw%26sig%3DCg0ArKJSzJZaEyaM4JKfEAE%26urlfix%3D1%26adurl%3D;dc_rfl=1,http%3A%2F%2F5.187.56.63%2F$0;xdt=0;crlt=4NtGKzxsDA;cmpl=4;sttr=19;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 23 Sep 2020 22:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50563
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 2649
x-xss-protection: 0
server: cafe
etag: 804181672847865866
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Oct 2020 22:29:07 GMT

GET
H/1.1 200
OK UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 280B 41 KB
15 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:01:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Server: sffe
Age: 1804
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 15207
X-XSS-Protection: 0
Expires: Fri, 24 Sep 2021 12:01:46 GMT

GET
H2 200 main.gr.19.8.130.js Show response
static.adsafeprotected.com/ Frame 280B 175 KB
56 KB 19ms
8ms Script
application/javascript 2600:9000:214f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.130.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/478291/47859056/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0191d915c103f60435b09b2db123d75448172ba345544a00526512459b4e82fd

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 16:04:06 GMT
content-encoding: gzip
age: 678465
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Sep 2020 15:48:14 GMT
server: AmazonS3
etag: W/"a0f0bc329cea96757043c103a1d0d10e"
vary: Accept-Encoding
x-amz-version-id: A1DeedaP8jSgF8f.g4SHuVRoa.bJWfow
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: KG7aqtIVDHlkIJOjbRL4NrOOICdamptOqDRHx-v2wU8Z9KJ9AntDVw==

GET
H/1.1 200
OK /
5.187.56.63/ Frame 280B 64 KB
64 KB 61ms
60ms Image
text/html 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:50 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 12:31:48 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
X-Header: Boost HelÃ¡s Avril 1.0
Content-Type: text/html; charset=utf-8
Cache-Control: must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 13 Jun 1977 03:45:00 GMT

GET
DATA 200
OK truncated
/ Frame 280B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23697aa86682aa6e8dda8bb7945e997c2c3ae2441c799f86fe2e2aa40f9f6841

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK jload Show response
pixel.adsafeprotected.com/ Frame 5D01 46 KB
14 KB 74ms
59ms Script
application/javascript 63.34.216.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://pixel.adsafeprotected.com/jload?anId=930546&campId=994x250&pubId=4554380394&chanId=21611370443&placementId=5482119049&pubCreative=138321150286&pubOrder=2734869073&cb=41742337&adsafe_par&impId=eb20f5e9-fe61-11ea-b058-02c790015d1e
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 63.34.216.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-216-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f1d475ee87cb4b007c1d34471cc379c29e634650f5bde0b3f2165fc7742d1089

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:50 GMT
Content-Encoding: gzip
X-Server-Name: app29.ie.303net.net
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: pixel.adsafeprotected.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Server: nginx
Expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1211 0
0 8ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: tpc.googlesyndication.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://5.187.56.63/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://5.187.56.63/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Timing-Allow-Origin: *
Content-Length: 8395
Date: Thu, 24 Sep 2020 12:25:01 GMT
Expires: Fri, 24 Sep 2021 12:25:01 GMT
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 409

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 280B
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/478291/47859056/skeleton.js?adsafe_url=http%3A%2F%2F5.187.56.63%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:ed466e64-7066-2404-d41a-93ac75a13e7f,c:peuIzv,sl:inVi...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

55ms
5ms

Script
application/javascript

2600:9000:214f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 31 Aug 2020 05:55:19 GMT
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
age: 2097392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: mgX1KW-mPTLwH8EdiEgdIQUlgMDqJLba-m6chC7_6lv2K_WWmpQBag==

Redirect headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:50 GMT
x-server-name: app15.ie.303net.net
status: 302
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 502B 81 KB
22 KB 51ms
49ms Script
application/javascript 2600:9000:214f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 2346578
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: oyJlkToSMF-NzvELapBdWCt9T_V7fTWOKLsrMq1CKyNijHQOo7wsIg==

GET
H/1.1 200
OK rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 280B 104 KB
32 KB 102ms
38ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_270.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ddc9ce690246540a10ee696070a11a6b651b0ef0f20fcdc3d44982dd31be10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1600860714632814"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 32164
X-XSS-Protection: 0
Expires: Thu, 24 Sep 2020 12:31:50 GMT

GET
H3-Q050 200 index.html
s0.2mdn.net/8203429/1600336020194/EDR_Chai_994x250_17Sept/ Frame 3CA6 0
0 55ms
35ms Document
text/html 2a00:1450:4001:819::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8203429/1600336020194/EDR_Chai_994x250_17Sept/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_270.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8203429/1600336020194/EDR_Chai_994x250_17Sept/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://5.187.56.63/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://5.187.56.63/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
content-length: 1882
date: Thu, 24 Sep 2020 03:36:03 GMT
expires: Fri, 25 Sep 2020 03:36:03 GMT
last-modified: Thu, 17 Sep 2020 09:47:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 32147
cache-control: public, max-age=86400
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 280B 0
54 B 80ms
58ms Other
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst7j2xRpYFMvCzYzQLKj1D_kafO5pOX-XM0iaBHac8a3ibjIi6YDaq5fdlrRieN3vkHL73Fr_Gpozwazle5KfshXeEMX2DslAp0FHBfquuhqnCPOWisPr0I-3YuvLVmZ2wHhzWaLLn7aA&sig=Cg0ArKJSzCx22RyewswfEAE&urlfix=1&omid=0&rm=1&ctpt=176&cbvp=1&cstd=172&cisv=r20200922.30091&adurl=

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 24 Sep 2020 12:31:50 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 /
log.pinterest.com/ 0
333 B 197ms
115ms Image
text/plain 151.101.36.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=u0RF6Xvuz11R&tv=2020091502&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=http%3A%2F%2F5.187.56.63%2F&viaSrc=canonical
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.36.84 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:50 GMT
via: 1.1 varnish
x-cache: MISS
status: 200
x-envoy-upstream-service-time: 3
x-cache-hits: 0
content-length: 0
x-served-by: cache-ams21055-AMS
pragma: no-cache
server: envoy
x-timer: S1600950711.890504,VS0,VE92
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 5398746873061588
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 517ms
163ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuIB5,pingTime:-2,time:198,type:a,im:{sf:0,pom:1,prf:{bdA:3,bdZ:144,beA:201,beZ:202,mfA:280,cmA:282,inA:282,inZ:287,prA:287,prZ:294,si:301,poA:302,poZ:317,cmZ:317,mfZ:317,loA:386,loZ:388,ltA:397,ltZ:397}},sca:{dfp:{df:3,sz:994.250,dom:div}},env:{gca:true,cca:false,gca2:false},clog:[{piv:100,vs:i,r:,w:994,h:250,t:100}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:{i:198,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:100,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[113~100],as:[113~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sbvA1Mx+11|12|13|14*.478291-47859056|141|142|15.478291-47859058|151|152|161|162|163|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:[google_ads_iframe_46753895/fr-bilan.ch/inside-full-top/front_0,google_ads_iframe_46753895/fr-bilan.ch/inside-full-top/front_0__container__,tatm-bilan_test_wideboard,bilan_test_wideboard,block-block-19,page-inner,page],sinceFw:95,readyFired:true}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt22sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK main.gr.19.8.130.js Show response
static.adsafeprotected.com/ Frame 5D01 175 KB
56 KB 61ms
6ms Script
application/javascript 2600:9000:214f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adsafeprotected.com/main.gr.19.8.130.js
Requested by: Host: pixel.adsafeprotected.com
URL: http://pixel.adsafeprotected.com/jload?anId=930546&campId=994x250&pubId=4554380394&chanId=21611370443&placementId=5482119049&pubCreative=138321150286&pubOrder=2734869073&cb=41742337&adsafe_par&impId=eb20f5e9-fe61-11ea-b058-02c790015d1e
Protocol: HTTP/1.1
Server: 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0191d915c103f60435b09b2db123d75448172ba345544a00526512459b4e82fd

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Sep 2020 16:04:06 GMT
Content-Encoding: gzip
Age: 678465
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Wed, 16 Sep 2020 15:48:14 GMT
Server: AmazonS3
ETag: W/"a0f0bc329cea96757043c103a1d0d10e"
Vary: Accept-Encoding
x-amz-version-id: A1DeedaP8jSgF8f.g4SHuVRoa.bJWfow
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA53-C1
Content-Type: application/javascript
X-Amz-Cf-Id: adxX7mCk58l_wmVUOn2ybvFIUi1aPd-_U5XxDmd7tk2YcBYkRuJk1g==

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 280B 0
50 B 73ms
73ms Other
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Thu, 24 Sep 2020 12:31:51 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 280B 0
44 B 69ms
69ms Image
image/gif 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk0TUkRpSQ1VKqwgqV2KkdDiEuXEg61JUv2DAoKj2l0mGgFCHCTH4d3bkyMVmAwJIZyffc0hyykPJ5Bm9j9etw5Sv7sppThWoJZ84i3vMgrHlX9UJPe47tngR5jlAa1CXMElhKeRHqrI2A4hJafh42ucLa31jrVvUpm9nWeiUgQj-ZsZEkpwwjdtax2k5JtdXJ2cOi_MzL40VzZOfrqhbk9GfO70jIlOO_LOinmNIE1O6TXcZqaiNCcDBZe9Lo0Yf2o1peFnTufWFrdJ4i7XzV0Amsdv9Cub4cxn0gx7kt&sig=Cg0ArKJSzLnP3_-kARUMEAE&urlfix=1&adurl=

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Sep 2020 12:31:51 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
5.187.56.63/ 64 KB
64 KB 60ms
59ms Image
text/html 5.187.56.63
CORTEX-IT-AS http...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://5.187.56.63/
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 5.187.56.63 , Switzerland, ASN199092 (CORTEX-IT-AS http://www.cortex-it.ch, CH),
Reverse DNS: 63-56-187-5.static.braincloud.ch
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 12:31:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 12:31:48 GMT
Server: nginx/1.4.6 (Ubuntu)
Transfer-Encoding: chunked
X-Header: Boost HelÃ¡s Avril 1.0
Content-Type: text/html; charset=utf-8
Cache-Control: must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Tue, 13 Jun 1977 03:45:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 7 KB
3 KB 69ms
69ms XHR
text/plain 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3828981398586068&correlator=1191216362819075&output=ldjh&impl=fifs&adsid=NT&eid=21067119%2C21066466%2C21067118%2C21067517%2C21066904%2C21067199%2C21067022&vrg=2020091601&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200924&iu_parts=46753895%2Cfr-bilan.ch%2Cinside-full-pos1%2Cfront&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x250%7C300x600%7C320x50%7C320x64%7C320x160%7C320x416%7C336x280%7C728x90%7C960x800%7C970x250%7C994x118%7C994x250%7C1x1&fluid=height&fsbs=1&prev_scp=id%3Deb20f5f1-fe61-11ea-b058-02c790015d1e%26vw%3D40%252C50%252C60%26grm%3D40%252C50%252C60%252C70&eri=1&cust_params=pagetype%3Doverview%26orientation%3Dlandscape%26viewportwidth%3D1600%26viewportheight%3D1200%26screendensity%3D1%26weather_temp%3Dmittel%26weather%3Dregen%26weather_cluster%3Dregen%26forecast_weather%3Dgrd1bewoelkt%252Cgrd2bewoelkt%252Cgrd3bewoelkt%252Cgrd4na%252Csmd1na%252Csmd2bewoelkt%252Csmd3bewoelkt%252Csmd4bewoelkt%252Cbsd1regen%252Cbsd2regen%252Cbsd3sonnig%252Cbsd4regen%252Clud1regen%252Clud2regen%252Clud3bewoelkt%252Clud4regen%252Cvsd1bewoelkt%252Cvsd2bewoelkt%252Cvsd3na%252Cvsd4regen%252Cbed1regen%252Cbed2regen%252Cbed3sonnig%252Cbed4regen%252Ctid1regen%252Ctid2bewoelkt%252Ctid3bewoelkt%252Ctid4na%252Czhd1regen%252Czhd2regen%252Czhd3na%252Czhd4regen%252Cged1regen%252Cged2regen%252Cged3na%252Cged4na%252C%26forecast_temp%3Dgrd1kalt%252Cgrd2winterreifen%252Cgrd3winterreifen%252Cgrd4kalt%252Csmd1winterlich%252Csmd2winterlich%252Csmd3winterlich%252Csmd4winterlich%252Cbsd1kalt%252Cbsd2kalt%252Cbsd3kalt%252Cbsd4kalt%252Clud1kalt%252Clud2kalt%252Clud3kalt%252Clud4kalt%252Cvsd1kalt%252Cvsd2winterreifen%252Cvsd3kalt%252Cvsd4kalt%252Cbed1kalt%252Cbed2kalt%252Cbed3kalt%252Cbed4kalt%252Ctid1mittel%252Ctid2mittel%252Ctid3mittel%252Ctid4mittel%252Czhd1kalt%252Czhd2kalt%252Czhd3kalt%252Czhd4kalt%252Cged1kalt%252Cged2kalt%252Cged3kalt%252Cged4kalt%252C&cookie_enabled=1&bc=23&abxe=1&lmt=1600950711&dt=1600950711058&dlt=1600950708912&idt=888&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=161325084&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F5.187.56.63%2F&dssz=78&icsg=4503462425941004&mso=4194304&std=0&vis=1&scr_x=0&scr_y=0&psz=994x0&msz=300x250&psts=AGkb-H-gB1ick4XQri3vLCqsHKaN8oJUpNFh9nR_Ybok3MvZMHCApsGxPtCIhUVp3eov_jmY3jLREi9lzFuIWf50x7L1nKTLobwDa0ai%2CAGkb-H9drShBAUUt0EjG5-pmOu8oIWnSxIyCMZOqGJiQTQOm7hqeHFyn4UyrWxNooT4NVtRA0d6itLMS1RfuwFZkQQX_Bm-tUCj0bK96%2CAGkb-H8b-0wSrlRh90M73PVu-ZmvxLNIL-sWY5vE0IS367LzFU14feCE3vb3LdiLWtDMLV0gOb5ISFQRvRnxnq4kiM5k3LL68h9KTLzk&ga_vid=1517168362.1600950710&ga_sid=1600950710&ga_hid=85062630&ga_fc=true&fws=128&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

b03d7778dd9333a352fafb92833648437f069d7e9eedaede33946575e8cd2204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3460
x-xss-protection: 0
google-lineitem-id: 5482119049
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138320712989
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://5.187.56.63
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame 1C29 81 KB
22 KB 13ms
13ms Script
application/javascript 2600:9000:214f:b200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 2600:9000:214f:b200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 28 Aug 2020 08:42:12 GMT
Content-Encoding: gzip
Age: 2346579
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Last-Modified: Mon, 13 Jan 2020 23:54:54 GMT
Server: AmazonS3
ETag: W/"e456dd0e5be3c2494dd734db6c5b965c"
Vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
Cache-Control: max-age=315360000
X-Amz-Cf-Pop: FRA53-C1
Content-Type: application/javascript
X-Amz-Cf-Id: -qWlIiCv2FH5z72JliEsyX6mCHrnKwM-133Ny0S8B4MXCYNufRIf-g==

GET
H/1.1 200
OK mon
pixel.adsafeprotected.com/ 43 B
305 B 41ms
40ms Image
image/gif 63.34.216.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pixel.adsafeprotected.com/mon?anId=930546&campId=994x250&pubId=4554380394&chanId=21611370443&placementId=5482119049&pubCreative=138321150286&pubOrder=2734869073&cb=41742337&adsafe_par&impId=eb20f5e9-fe61-11ea-b058-02c790015d1e&adsafe_url=http%3A%2F%2F5.187.56.63%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:3d669e54-cc4e-3fee-a045-2f59d921b6db,c:peuIG1,sl:inView,em:true,fr:true,mn:app29ie,pt:1-5-15,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:sbvA1PK+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|161|162|163|164|165|17,idMap:14*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:306,oid:eb9e3c2b-fe61-11ea-9cd5-0ae27972a930,v:19.8.130,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 63.34.216.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-216-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: app12.ie.303net.net
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 324ms
310ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuIG3,pingTime:-8,time:307,type:l,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:307,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[18~100],as:[18~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sbvA1PK+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt23sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 7ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?xyzNoCache=bcvz4bv5

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 07:27:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18237
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 391ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuIGk,pingTime:-2.1,time:523,type:a,clog:[{piv:100,vs:i,r:,w:994,h:250,t:100}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:{i:523,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:100,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[438~100],as:[438~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:sbvA1Mr+11|12|13|14*.478291-47859056|141|142|15.478291-47859058|151|152|16.478291-47859058|161|162|163|17,idMap:14.3d669e54-cc4e-3fee-a045-2f59d921b6db.26_930546|14*,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:[google_ads_iframe_46753895/fr-bilan.ch/inside-full-top/front_0,google_ads_iframe_46753895/fr-bilan.ch/inside-full-top/front_0__container__,tatm-bilan_test_wideboard,bilan_test_wideboard,block-block-19,page-inner,page],sinceFw:95,readyFired:true}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt55sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 325ms
311ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuIGq,pingTime:0,time:330,type:pf,clog:[{piv:100,vs:i,r:,w:994,h:250,t:305}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:330,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[41~100],as:[41~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sbvA1Mr+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|16.478291-47859058|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt33sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 451ms
168ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuIHr,pingTime:-10,time:592,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000002002222000022220200000222220222020002222022002222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000002220002220000022200202202220022000200222022200200022202220020222222000220000222202222202222000002002002222222222220022202200222002220202202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1600950711172||9c693559890dcc649217deb315916ac0||71ff54ebddb1e090fbf173d96e2342c8||4feed137a4c1e023259ff85551c468db||c6decdb10ae130fa1678da5f21beccdf||27307b0e33f44524ab44e672b1e2f61c||c2f8a36ecf4e695c56d0568dc972cae8||076d7e20703eb7f3b18a6f9e77ac36c9||1576000828}
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt55sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 327ms
313ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuIHF,pingTime:-2,time:407,type:a,im:{sf:0,pom:1,prf:{beA:188,beZ:189,mfA:473,cmA:474,inA:474,inZ:478,prA:478,prZ:487,si:494,poA:495,poZ:505,cmZ:505,mfZ:505,loA:520,loZ:522,ltA:595,ltZ:595}},sca:{dfp:{df:3,sz:994.250,dom:div}},env:{gca:true,cca:false,gca2:false},clog:[{piv:100,vs:i,r:,w:994,h:250,t:305}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:407,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[119~100],as:[119~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sbvA1Mr+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|16.478291-47859058|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:[google_ads_iframe_46753895/fr-bilan.ch/inside-full-top/front_0,google_ads_iframe_46753895/fr-bilan.ch/inside-full-top/front_0__container__,tatm-bilan_test_wideboard,bilan_test_wideboard,block-block-19,page-inner,page],sinceFw:100,readyFired:true}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt44sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 326ms
312ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuIIo,time:452,type:e,env:{ar:self.0},es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:452,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[163~100],as:[163~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sbvA1Mr+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|16.478291-47859058|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt10sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 163ms
162ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuIR2,pingTime:1,time:1187,type:p,clog:[{piv:100,vs:i,r:,w:994,h:250,t:100}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:{i:1187,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:100,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1102~100],as:[1102~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:456,fm:sbvA1Mr+11|12|13|14*.478291-47859056|141|142|15.478291-47859058|151|152|16.478291-47859058|161|162|163|17,idMap:14.3d669e54-cc4e-3fee-a045-2f59d921b6db.26_930546|14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt55sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 164ms
163ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuIR3,pingTime:1,time:1188,type:pf,clog:[{piv:100,vs:i,r:,w:994,h:250,t:100}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:{i:1188,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:100,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1103~100],as:[1103~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:456,fm:sbvA1Mr+11|12|13|14*.478291-47859056|141|142|15.478291-47859058|151|152|16.478291-47859058|161|162|163|17,idMap:14.3d669e54-cc4e-3fee-a045-2f59d921b6db.26_930546|14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:51 GMT
X-Server-Name: dt06sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 170ms
168ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuITv,pingTime:-10,time:1141,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000002002222000022220200000222220222020002222022002222202002220222022222022222000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000002220002220000022200202202220022000200222022200200022202220020222222000220000222202222202222000002002002222222222220022202200222002220202202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDEyfHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1600950711172||9c693559890dcc649217deb315916ac0||71ff54ebddb1e090fbf173d96e2342c8||4feed137a4c1e023259ff85551c468db||c6decdb10ae130fa1678da5f21beccdf||27307b0e33f44524ab44e672b1e2f61c||c2f8a36ecf4e695c56d0568dc972cae8||076d7e20703eb7f3b18a6f9e77ac36c9||1576000828,sca:{spg:ed466e64-7066-2404-d41a-93ac75a13e7f}}
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:52 GMT
X-Server-Name: dt10sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 280B 42 B
65 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhCb3Xhm4HrKCFXJlHwd6N0UeO8bXNHirfxhpVdQ2sYd43OrGrYT2SwXWjUdW7kxs97wDdfVc7hkg2TwfbTEHvIg&sig=Cg0ArKJSzFAK4EpvBrw0EAE&id=lidar2&mcvt=1000&p=187,303,437,1297&mtos=1000,1000,1000,1000,1078&tos=1000,0,0,0,78&v=20200923&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=34&adk=2754632606&rs=6&met=mue&la=1&cr=0&osd=0&r=v

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuIWA,pingTime:1,time:1332,type:p,clog:[{piv:100,vs:i,r:,w:994,h:250,t:305}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1332,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1043~100],as:[1043~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:173,fm:sbvA1Mr+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|16.478291-47859058|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:52 GMT
X-Server-Name: dt10sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuIWA,pingTime:1,time:1332,type:c,clog:[{piv:100,vs:i,r:,w:994,h:250,t:305}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1332,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1043~100],as:[1043~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:173,fm:sbvA1Mr+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|16.478291-47859058|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:52 GMT
X-Server-Name: dt44sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 163ms
163ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuIWB,pingTime:1,time:1333,type:c,clog:[{piv:100,vs:i,r:,w:994,h:250,t:305}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:1333,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[1044~100],as:[1044~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:173,fm:sbvA1Mr+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|16.478291-47859058|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:52 GMT
X-Server-Name: dt33sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 280B 42 B
93 B 39ms
39ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCfW7LKtzsM6zohMbfXaD49MaE0P1oKTOJxOq-XvjlSItvHTfNPZBqnMjyyg79B11SFCVh0QlKNmpnzKIRsD4Ht2zwAddo1IzZGEDQppQ&sig=Cg0ArKJSzJRMFAQIsP6NEAE&adk=3448966297&tt=-1&bs=1600%2C1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&p=187,303,437,1297&rxlist=1&mcvt=1009&rs=3&ht=0&tfs=526&tls=1535&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=394&niot_cbk=419&md=2&btr=0&cpmav=0&lm=2&rst=1600950710405&dlt&rpt=202&isd=0&msd=0&xdi=0&ps=1600%2C7725&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-7-11-11-0-0-0&tvt=1529&is=994%2C250&iframe_loc=http%3A%2F%2F5.187.56.63%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200923

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
pixel.adsafeprotected.com/ 43 B
216 B 45ms
45ms Image
image/gif 63.34.216.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/?xyzNoCache=5zgrtw7z
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.216.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-216-240.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:52 GMT
x-server-name: app16.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
status: 200
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 1x1.gif
bvt.r66net.com/ 35 B
180 B 32ms
23ms Image
image/gif 68.232.35.125
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bvt.r66net.com/1x1.gif?xyzNoCache=b21zoo0j
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.125 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:53 GMT
last-modified: Mon, 05 Mar 2018 14:39:54 GMT
server: ECS (fcn/41A3)
age: 517796
etag: "5a9d56ba-23"
status: 200
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 35
expires: Thu, 01 Oct 2020 12:31:53 GMT

GET
H2 200 1x1.gif
box.r66net.com/ 35 B
159 B 25ms
23ms Image
image/gif 68.232.35.125
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://box.r66net.com/1x1.gif?xyzNoCache=92dcliem
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.125 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A3) /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:54 GMT
last-modified: Mon, 05 Mar 2018 14:39:43 GMT
server: ECS (fcn/41A3)
age: 277597
etag: "5a9d56af-23"
status: 200
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800, public, no-transform
accept-ranges: bytes
content-length: 35
expires: Thu, 01 Oct 2020 12:31:54 GMT

GET
H2 200 1x1.gif
video.r66net.com/ 35 B
227 B 87ms
19ms Image
image/gif 68.232.34.60
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.r66net.com/1x1.gif?xyzNoCache=637vm1l6
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.34.60 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (pab/6EC8) /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:31:55 GMT
last-modified: Mon, 05 Mar 2018 14:30:33 GMT
server: ECAcc (pab/6EC8)
age: 1681830
etag: "5a9d5489-23"
x-cache: HIT
content-type: image/gif
status: 200
cache-control: max-age=2592000, public, no-transform
accept-ranges: bytes
content-length: 35
expires: Sat, 24 Oct 2020 12:31:55 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 164ms
163ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuJTy,pingTime:5,time:5187,type:p,clog:[{piv:100,vs:i,r:,w:994,h:250,t:100}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:{i:5187,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:100,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5102~100],as:[5102~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:167,fm:sbvA1Mr+11|12|13|14*.478291-47859056|141|142|15.478291-47859058|151|152|16.478291-47859058|161|162|163|17,idMap:14.3d669e54-cc4e-3fee-a045-2f59d921b6db.26_930546|14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:55 GMT
X-Server-Name: dt06sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 163ms
162ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuJTy,pingTime:5,time:5187,type:pf,clog:[{piv:100,vs:i,r:,w:994,h:250,t:100}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:{i:5187,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:100,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5102~100],as:[5102~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:167,fm:sbvA1Mr+11|12|13|14*.478291-47859056|141|142|15.478291-47859058|151|152|16.478291-47859058|161|162|163|17,idMap:14.3d669e54-cc4e-3fee-a045-2f59d921b6db.26_930546|14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:55 GMT
X-Server-Name: dt55sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 optout_check Show response
beacon.krxd.net/ 61 B
219 B 116ms
37ms Script
text/javascript 34.250.28.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.tamedia.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: http://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.28.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-28-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 1c54734682a022205242cec2d32d76f6d46ab39e8e1a46a0c493a6debf6cb411

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 24 Sep 2020 12:31:55 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=41 t=1600950715
content-type: text/javascript
x-served-by: beacon-n006-dub-prod.krxd.net

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuJZ5,pingTime:5,time:5331,type:p,clog:[{piv:100,vs:i,r:,w:994,h:250,t:305}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:5331,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[5042~100],as:[5042~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:168,fm:sbvA1Mr+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|16.478291-47859058|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:31:56 GMT
X-Server-Name: dt44sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 pixel
kwebstat.videostep.com/stat/ 95 B
190 B 144ms
142ms Image
image/png 216.59.56.23
TUT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kwebstat.videostep.com/stat/pixel?xyzNoCache=78dhrvuz
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.59.56.23 , United States, ASN53334 (TUT-AS, US),
Reverse DNS: customer.ipv4.totaluptime.com
Software: / ASP.NET
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:31:56 GMT
x-powered-by: ASP.NET
content-type: image/png
status: 200
cache-control: no-cache, no-store, must-revalidate
content-length: 95
expires: -1

GET
H2 200 Pixel
paid.invibes.com/Redir/ 95 B
170 B 180ms
46ms Image
image/png 13.80.250.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paid.invibes.com/Redir/Pixel?xyzNoCache=7izq0o08
Requested by: Host: 5.187.56.63
URL: http://5.187.56.63/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.80.250.21 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 24 Sep 2020 12:31:57 GMT
cache-control: private
content-length: 95
content-type: image/png

GET
H2 200 dc_oe=ChMI5q2dk-aB7AIV6sARCB2NKwy0EAAYACCAz-JB;met=1;&timestamp=1600950720978;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 280B 42 B
831 B 110ms
55ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5q2dk-aB7AIV6sARCB2NKwy0EAAYACCAz-JB;met=1;&timestamp=1600950720978;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: 5.187.56.63
URL: http://5.187.56.63/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:32:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 event.json
zuba.prod.tda.link/v1/dakt2/ Frame 0
0 48ms
47ms Other 18.194.220.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://zuba.prod.tda.link/v1/dakt2/event.json

Protocol

Server

18.194.220.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-220-116.eu-central-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://5.187.56.63
Sec-Fetch-Mode: cors

Response headers

status: 200
server: nginx/1.17.10
date: Thu, 24 Sep 2020 12:32:04 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: http://5.187.56.63
access-control-max-age: 1728000
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 event.json Show response
zuba.prod.tda.link/v1/dakt2/ 3 B
211 B 28ms
27ms XHR
application/json 18.194.220.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://zuba.prod.tda.link/v1/dakt2/event.json

Requested by

Host: beagle.prod.tda.link
URL: https://beagle.prod.tda.link/scripts/bilan/beagle.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.220.116 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-220-116.eu-central-1.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 24 Sep 2020 12:32:04 GMT
server: nginx/1.17.10
status: 200
vary: Origin
content-type: application/json; utf-8
access-control-allow-origin: http://5.187.56.63
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 3

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a549293985247975c1f7dff29de03d9b89dd6edcc8c4062e00511c7ebdb073e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Sep 2020 12:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6452
x-xss-protection: 0

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 86ms
60ms XHR
text/plain 34.255.65.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rum-collector-2.pingdom.net/img/beacon.gif?id=516c0bedabe53d3c12000000&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=1&cE=15&dLE=1&dLS=1&fS=0&hS=-1&rE=-1&rS=-1&reS=15&resS=8354&resE=8375&uEE=-1&uES=-1&dL=8357&dI=9096&dCLES=9096&dCLEE=9117&dC=23912&lES=23912&lEE=23931&s=nt&title=Bilan%20%7C%20La%20r%C3%A9f%C3%A9rence%20suisse%20de%20l%27%C3%A9conomie%2C%20finance%2C%20immobilier%2C%20entreprises&path=http%3A%2F%2F5.187.56.63%2F&ref=&sId=h36ryzrh&sST=1600950724&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: http://rum-static.pingdom.net/prum.min.js
Protocol: HTTP/1.1
Server: 34.255.65.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-65-133.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 24 Sep 2020 12:32:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 12:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600730918364481"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5975
x-xss-protection: 0
expires: Thu, 24 Sep 2020 12:32:04 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/216/ Frame 4239 0
0 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/216/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/216/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://5.187.56.63/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://5.187.56.63/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4674
date: Thu, 24 Sep 2020 12:00:09 GMT
expires: Fri, 24 Sep 2021 12:00:09 GMT
last-modified: Mon, 21 Sep 2020 21:29:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1915
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=216&t=2&li=gpt_2020091601&jk=3828981398586068&bg=!ysmlydFY_VO_ABACSkYCAAAAZlIAAAATCgGVUwrtrDtl1lBOqUhgdOoTNDRF228cNHdthf0g7HlxlqValhewI-8LWQkTZpgVBsgx2Voyfryn3N7y3sVeERXQcoPAqqFt3yR5el69nluMYCbrgp6wSTJtUK86j7OPDoTDcJ4e2Jr7f0oNIDd6oZo2aWkHSWGhkcnPHJa1ZV73MNk_vLYcScEQ5U7bNXHvE9VoCqse_ieJ3LMPVq_u3aK_l9LzDOh1PFEWVNNjo-aIfZUrmqroh8BGiIAw1MtoI4lOp4OR1hhMWZmDK6XPXY6ssQYoC0Qpp9ZolddZNZMsxcVCs1hGRdqFIPS-YWD7U1LJLb05_qDqojxOsXX6KjvfTVnHJmHJu4nW4yy0_YZ1FK-DP5EcqnSL8011Bz478HmjJRRlI3SqI-cxCF5YgbKTPEmpWPW01sQOjJlUpU73QO4_KXdIHQ2BQveQ-lFJt04cKCRjup8sW68WA2dExzUYU8HufINFSaapI-VNNNm1jyi37JXPFvn9OTQcHTVAr5dBctrv9hBGUxtLKgrt3GP-1skdhHdNmQGjFwQFF9AfvDS-U6cIGvEkkiPCW0SFxq2pZn3aAEc5twITxB2nX47DsmNJW30tpyCVaYNPLQ2Yq9Gl8hRa9rArTNqn0FaPFCcPAgFN8qzj6GdDx-b4Ly5YNYmvYWUyWlCsOpj5nsgLHeeXTSPuXJYNCCMHrZNolUV2lA5apH8XrUXr9KYkonmq5bau-hXPI-SJOGe9U3OK9n8ZZXtCVj9_HNbnIjymMJpBE7tRhbVpyYxW9kHf0bQxqraS0qFw17JJTqcDRMribyLuBgyJJtRVWfDrEdZuy78fDg2cbCv6UY-3genBGsRpHOmc-2dZEtY5TEY4psQtZuJbAUDTo71An7qMcectqPfTya8xbYoOLTpJK9fpcdfH6SH_qCWYdpKcpfXZ5aD5fHshPBY_NaoBs77i_wwYWcI4nStZ5pOrsVid0yT_BuLjTBj8E34_w_l7EkqC8hKQI7Kc0ePxDI5s8nYhbfbgSesewlt_aJK0W8qYrUBLuF0gjKo_1nqge9vJ2do4Jlwq1EMrYUStAlpgL5acy4ynI7oO2DCvYsUU3qiYncw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:32:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuMuP,pingTime:15,time:15186,type:p,clog:[{piv:100,vs:i,r:,w:994,h:250,t:100}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:{i:15187,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:100,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[15102~100],as:[15102~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:167,fm:sbvA1Mr+11|12|13|14*.478291-47859056|141|142|15.478291-47859058|151|152|16.478291-47859058|161|162|163|17,idMap:14.3d669e54-cc4e-3fee-a045-2f59d921b6db.26_930546|14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:32:05 GMT
X-Server-Name: dt06sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 163ms
162ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=478291&asId=ed466e64-7066-2404-d41a-93ac75a13e7f&tv={c:peuMuQ,pingTime:15,time:15187,type:pf,clog:[{piv:100,vs:i,r:,w:994,h:250,t:100}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:{i:15187,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:100,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[15102~100],as:[15102~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:167,fm:sbvA1Mr+11|12|13|14*.478291-47859056|141|142|15.478291-47859058|151|152|16.478291-47859058|161|162|163|17,idMap:14.3d669e54-cc4e-3fee-a045-2f59d921b6db.26_930546|14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:32:05 GMT
X-Server-Name: dt55sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 165ms
164ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dt.adsafeprotected.com/dt?anId=930546&asId=3d669e54-cc4e-3fee-a045-2f59d921b6db&tv={c:peuMAn,pingTime:15,time:15331,type:p,clog:[{piv:100,vs:i,r:,w:994,h:250,t:305}],es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:15331,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:305,wc:0.0.1600.1200,ac:303.187.994.250,am:i,cc:303.187.994.250,piv:100,obst:0,th:0,reas:,bkn:{piv:[15043~100],as:[15043~994.250]}}],slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:167,fm:sbvA1Mr+11|12|13|14*.930546|141|142|143|144|151|1521|153|154|155|156|16.478291-47859058|161|162|163|164|165|17,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn}&br=u
Protocol: HTTP/1.1
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 24 Sep 2020 12:32:06 GMT
X-Server-Name: dt44sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 dc_oe=ChMI5q2dk-aB7AIV6sARCB2NKwy0EAAYACCAz-JB;met=1;&timestamp=1600950730977;eid1=2;ecn1=0;etm1=10;
ade.googlesyndication.com/ddm/activity/ Frame 280B 42 B
106 B 55ms
55ms Image
image/gif 216.58.207.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5q2dk-aB7AIV6sARCB2NKwy0EAAYACCAz-JB;met=1;&timestamp=1600950730977;eid1=2;ecn1=0;etm1=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s24-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://5.187.56.63/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 12:32:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS event.json
zuba.prod.tda.link/v1/dakt2/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: zuba.prod.tda.link
URL: https://zuba.prod.tda.link/v1/dakt2/event.json

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.krxd.net/	1970-01-19 17:01:42	Name: _kuid_ Value: Nqf5aiaj

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://5.187.56.63/sites/all/themes/bilannew/js/placement.js?v1(Line 174) Message: define target [object Object]
console-api	log	URL: http://5.187.56.63/sites/all/themes/bilannew/js/placement.js?v1(Line 180) Message: == execAdLoading ==
console-api	log	URL: http://5.187.56.63/sites/all/themes/bilannew/js/scriptnew.js?qh5w01(Line 47) Message: flexslider in
console-api	log	URL: http://tdn.da-services.ch/current/bilan.js(Line 2) Message: TATM helper removeEvent called
console-api	log	URL: http://5.187.56.63/(Line 46) Message: BackgroundAd - V: 1.33
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.0029296875 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad1.adfarm1.adition.com
ade.googlesyndication.com
adservice.google.com
adservice.google.de
apis.google.com
assets.pinterest.com
beacon.krxd.net
beagle.prod.tda.link
bilan.wemfbox.ch
box.r66net.com
bvt.r66net.com
cdn.adsafeprotected.com
cdn.krxd.net
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
content.videostep.com
dt.adsafeprotected.com
eab1a9882a5cb9a3b6d29ce9f5bcf179.safeframe.googlesyndication.com
epaper.tamedia.ch
files.newsnetz.ch
fonts.googleapis.com
fonts.gstatic.com
googleads4.g.doubleclick.net
ib.adnxs.com
imagesrv.adition.com
k.r66net.com
kwebstat.videostep.com
log.pinterest.com
pagead2.googlesyndication.com
paid.invibes.com
pexus.prod.tda.link
pixel.adsafeprotected.com
platform.linkedin.com
platform.twitter.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.videostep.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.r66net.com
stats.g.doubleclick.net
sync.sharethis.com
tagger.opecloud.com
tdn.da-services.ch
tpc.googlesyndication.com
u.heatmap.it
u.videostep.com
video.r66net.com
weather.da-services.ch
www.bilan.ch
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
zuba.prod.tda.link
zuba.prod.tda.link
104.244.38.20
13.35.43.129
13.80.250.21
143.204.215.110
145.234.241.155
151.101.114.133
151.101.36.84
151.252.10.121
172.217.22.2
172.217.22.98
18.194.220.116
185.33.220.241
185.33.220.244
212.47.171.67
216.58.207.34
216.58.208.38
216.58.212.162
216.59.56.193
216.59.56.23
217.79.188.2
217.79.188.59
2600:9000:214f:b200:8:48e:53c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:15ef
2a00:1450:4001:801::2001
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:809::2008
2a00:1450:4001:818::2002
2a00:1450:4001:818::200a
2a00:1450:4001:819::2006
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::2003
2a00:1450:4001:820::200e
2a00:1450:4001:821::200e
2a00:1450:4001:824::2002
2a00:1450:4001:825::2001
2a00:1450:400c:c0c::9c
2a01:4a0:1338:28::c38a:ff0b
2a02:26f0:6c00:283::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.112.135
3.127.132.197
34.250.28.202
34.255.65.133
35.156.63.21
40.74.50.168
46.105.202.39
5.187.56.63
63.34.216.240
68.232.34.60
68.232.35.125
89.187.169.37
99.86.243.25
0171cc6aa23901dbbd53223a7c3f8b5a43bd9ddcf3c34f01a464d04748be20d9
0191d915c103f60435b09b2db123d75448172ba345544a00526512459b4e82fd
01930af554cfa47329916293264c86983bec2ce8243135624d23069859ddeda9
04415bd40349c8c9a02e642d14005fe68b6468f500ddc7cd596e118ee5f7ae66
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
068b733c8dc8a8344c5d16a7a2c6087bce5fa7a6b4d05398b189c57e5276fd06
07b6825d504bbcb7f5a47193a9087ff5cdcb897dd2dc48673eff98e3791cc35b
084755d3447197524373d3dd7ef6b9329eb1c681877f0218191adc746e09a4ca
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0ac461d1a2eeaa200087f5fb445efcf5273aa1537c0864d498e0c5c7cd7d81a3
0b4021d453b39137a6e8d37f0d4bcaa4e3f1a59ac723b14015a1938165b5c81a
0bce2fefd1ddbd333378401368b02836f4f7aaf6a3a170654fc83a9c7989386f
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c2ee587326344778fe7763d4d279fe5609ced8ee971968b7b996af8d4609ced
0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2
0ddc9ce690246540a10ee696070a11a6b651b0ef0f20fcdc3d44982dd31be10c
0f9e1698bb38f03444c2568a8c4766ba3e1d3eeaa01fd75c78dfaacab30861d7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110d19eacf821d79321e5173aee2fd2482fb549213183bb08a99a4465bc6b1c2
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12c87ec664ec38ac62588243911e5c724f8ca38c39d32268a1720cf6aa0f9eae
13edc0568104c15fd912199d31159f54c8ce5f9c5900966c706e255c799a48ed
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
157d4898f4e6bbadbd2b1f0ee93ac1a06ba76de7568ec9e86dcb49bf752f458a
18c5fe0a5601b8289632c4b923c3d4903c36970bd625dae39731747771f5637f
18ccaf807271688bbdfeab3a885e9339cbbf70de1f6f7c1be532370bfd36d221
1a01974678aaba9e960f271a176e0088814f8aeb6c03c3d87603ff1e17bb4006
1b5c7a13ae84c74a93a18a23eca7a8ba5654a9282bb936bbd8f3f280cfa7dfe6
1bdfbf9cdd5c9c10eb942c97af96a5fd954a09f831e61a4877e35ae47f8a93fb
1c54734682a022205242cec2d32d76f6d46ab39e8e1a46a0c493a6debf6cb411
1dbc835b3f505cbcddf95fc329ba74416a6247867c722a8c083d47641a64a0f4
1fcdc54759ab0ead6a9c0f35707e01926c8c4e13c6ce7ad59477a81a9e4acd47
2260eb1cffb528a8fadcc8aa8c8f436593e0c2b8ec7540f690c8290ad6096bf9
23697aa86682aa6e8dda8bb7945e997c2c3ae2441c799f86fe2e2aa40f9f6841
291feae463ef68618515309bf72a1056117824378a0f9bc36772696dee89caa5
298d2de740f2359821ab89f152c7f1c09c08037ea9bb1d99022c8924cf63a791
2e3a1a4fb83631af20b1939f1a86f1098ac8572ba9cd69c1d83974a9c4b52346
3055afce25f08e1e6b8ed259392ae6c654629aca534e61e969ff75fb7214fd11
339f934d19697dada0e0fbc9c0fcbec7d4b25aee42520fa15cb27334e8cc617b
3660a99d88add1131c80b896102f66d41bf68624896e53e721ff8d8709d9429b
37d82f1024d93cfe2e90b9de4beb0f08778e6aeb9e1479ac465f2afd57808365
399fd41b4edff964767c04138526a8c2b0ea1fb7467ed7bc8ca0a55de2443931
3b85d4fbeeb7120f556a12dc8d9aa1adff5bb8233704b200d97f885845fceaa1
3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070
3c5e5359c27a373b46a55d683211e79fad98df01c9a1ba203d7f75e794d73c2d
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
3eb091621ce3db9073798548130c3e40c035dd27858aecd9aa48f95ab3df983b
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2c340d4d321d330481d603dedfbe6a1cc533ff6e604edbcb4fc86a15d2fb8f
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
40b287cd4cb83d6ff3d007e7e9ffc56c7753c21bfb69ee9976afd8f0abd9c544
40fd49cc47327c7da9ed5b7583c2e61898285a1e79b30c6080f3e832eada573b
4140f57734221f565c801fb4643ec4b4b454eccb10fbdf9117acc6ea4c6ca24b
43ac1352adfe09f2db7fbf679d4a5b9f51de454ccbfd8bc1b711c66dd0e8151e
43dd2cacf58db0c875a23f9fd544f8500099633465eccfd2cc03207db1734c63
45185c8f6cd2f9b42e3a02b78af40edc7d61328fac3167a0490c9c69bbecaaa6
4569fbfef2a73b2369d1e070a2ce3511f5a8c6a22a7cd6d61baf4982e75a21ee
47b616d30999c5e634bec5c793355b249afe190f45740969551b69ca3e206557
491078a322f95023a81170887789413a8739a8899d4b012784bd0b02ad048560
4be61592f76593200440c3421678edab585bb2609bffc4212033c99699c32efa
4c9dbedb5c4c80abaae1bfd8c3cca5b7e90fd2e75ac2443308a8a402a9c64491
4cdbb39c2403a62d6b6866ac1812b9e3fa9c4890f955fee48debc0162621882e
4da045456b8ace9bcd3f4b9fdbd20c279c465b748a5531ebbe05d7f453c0af5d
4db995ceedbf2d625887e4ff319546ef3c4f462059b8b2ead92368f60c94ee4f
4e233a3a613ff1b208f6e54673b5be56f4f9d549dc52d3de994f425bc06a4609
4e31c3ec3e18944be035086f9153437df43726b0090bd0bd1a7658224ed7b2f6
4f1197f77238dce7d081a43b7e33c21c7ee63d9bbce0cbd2b8da1785115010e7
4f81ee19dd33fdd9156ec3b66c95e0efe005bbaa0b3cd27da92d9e4acc61db52
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53f86ce47213f91beb0fdb718a114345daa2aa8db9ce72aa861f5d69c5380e9c
54138d578ed166d5381db70b3dd14a16830233553b6e4213402bae2fdb0564b4
5496b611dc9148eed30b7c3842e272c707d8ccb5509d4baa4bcee1f1fb7e53ba
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5548ea321932671fba2a5aa9a912d3f4a073727c9885c33d6b2e00413b1e3950
5754a78fea82bb52d068d3c64de5ab9ae7ed70de719090407bb2ade232a5b7ee
596cb5efcea1a31463ea879d1830c58058ecb10823d09b03ff6e72722593c6d1
5a5deff45596a591f49bbe15fdf9d87fe7d221dc41abbc46fab3f953338df321
5b846e3256bfb4b9904c071001321ec879ee871621dea0343f6ee87003df8374
5c2096fb64c613c33e93d3a728e97d5ee382c4ee7881d2e0d3e0aa3cf881597b
5cbbd141da99c666fe92409c3b650fa641af1296b93668bd80a246a404f8a825
5f0dd0fa7ad02b68fdacc938dfa1a1e1fc61d07f688e9b503c8bee84d16d88f9
60f7dce94edb5f624ba3bf46aec3acaef9aebc2d37fb8d7780b24b8f64c2774c
61113688d241c38b05a23132c7e306fe36a2d1a4758ae645dc2191114bc320b7
62345672ef32d4e4c84da518c76da9c211ea4c9f89d3c7a11ddaf2eb6c3a579d
62756d2616e4156e7f6a5524b5a6d8f64193e85f5d3b88be33cf8fe8a728d2bd
63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3
65018b34848eb6741d45d2b003c3aeec4c8456d9c4da4d680593c1af935c190b
670e771fc712c606c8cfa04a9118b193afd0d5378b539d3a72e9a973eaad2087
6876c16e0cc93e18768cdd11ed2a63d316f059b26ae6a08237895921e528f697
68f705da98a99fe833d6bc6be7b0b9835edaf4c0a0747148939975ef10264ea2
6a549293985247975c1f7dff29de03d9b89dd6edcc8c4062e00511c7ebdb073e
6e0bae781528a9ee0bfa5867ab6a7e9eb3304ff864d31268957706c48cb60fac
71504ef894c61c298b3ee7237468401b39e1eaf81a4a2a8bc9bf25ec00ff96b4
79c79d9039382cd34e2e9aa463f85c160d3890c688941fc6837cc2cf81919643
7bf5d5ccf83173c8ca3e08c81fe049a266a90098069bc26687ad33e068cca6f4
81d6078e66f24f09358cda9a85554f79d39bb9c6f19ccb56c3e82dee5411872e
82003098565636ab958aed975f57a730a9f6114bcefaeb3a3d21a2b9e07c3aa9
828be7018fe99ca3ba8c2d44bb2db3469c8b7dcfd22d4b040ff58d5830e3d7b0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852cc61172072aab1725a467072e483626ff97aa4bc84175badb1a93268598b9
88d512cc40ee5cc37b04b6691d193e920f2e1cd81fbac69ef0842b993d3049d8
88db58a7ffaee9c238329d26ef87f85de67c0acdf3572ffa7e68624937909874
8912192116f0edc9ff079644bce439d62a4281f346fb50f8a82bbea8114ede93
8a1642b43e44246c77f13c5f67f41b12b6b60568c8c9aead57de23578b8e24c9
8a78502c1755dd4429d21d4feb9ae6f8b71c7d0a566131249946cc091d6e6679
8c061157f3f59743b80ee1e55c77f808c4034b67f538f23dcc67433fc50dd228
8deacbf90ee1a4e546a72788e65506c2f9bf92e7fb8c05b86c78fd85044da344
8ead80b1fc14c5147010bcdf6e9b3cfe0c5396e4525e894be7bfa101648bbc4b
8f43d9041767ad4e3a5e6eea59eee3bedea16e48cdae144e80054b4d22c39243
90342ff21dc9939bda4652c7ecf43e11bf40b0b95cd1d0e835086e544776d6e8
9307b97f740d9e4c37efda95e0723040d61b1b62b1fcec19e33830bc3a1e0e79
93724ea639c2a93df83c9924448bbaba20ba10d48990233bbb39b14df51adab9
94bdc44e57c77dc3a02d7a3d14059f4a7d67d1d141a623acfa5c3513017a9795
951d6bae39eb172f57a88bd686f7a921cf060fd21f59648f0d20b6a8f98fc5a5
96387c7ded58309dcdfd08767009afd54d43e484551b9f331684237045de9e60
9bb8c145723c9d3d978a354564a9350df5dd30f2c6a0ba75daaafa394a0f4a0c
9c1b821b526015a86120b9adb87d4dbd03431772ce5fc122c69e71716610e4f6
9cc13e93c7fbc4803e8ae73f94de9ce2277bd127d0c37ffeb5cee65d1d347319
9dc15c9237ce1b413a74264baa4cf011e93d898666e140a54c727a5684265814
9e624535f718a559e16f5df9a7e66f3b3d985f31f420cf90ae87ae684fc8bc75
9e72b4b672dd0bf17b5047a715fa68424360ec5f89f9aa0849979363ca5f84b4
9f386d4d3589210ecbe7ec755e1bedc18e40324e473d1bf4df6163b4b12d37fe
a0054cb907bee526169a8718932e3949ed5d5c6468342cf4daa7bd052c77b38c
a0a2356ab4ecca2a4a174e53d6b9c4690e4bfd07bd24fe3bb6bcd337d4b412cc
a10b5a8d53e9173fad201914d98a5dac42c1d72c381f81323da632f173e99b7c
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a499b1ff1fd2d3208de908b41e3192c91b0fd3303f9c7a2014f7f6c6786d5b25
a64ef1405411700c82222c062ac5acd66573635ad9978d16824945fdf648bfa0
a710429ac7e565b94b501cb96ee62c2261197d6d76cf414f9cf2462fc877fe10
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9
a9425bf58095739ac9220679ea79198ab6917a0c9cb1be466241370af2b91022
ab17cb7c7169d4b5a2dab9184812166bc873f3b9a07b1064da3fe31ad060effe
ab29fc25c427a9b892875636a38cdcc27de97b17e8d23c0b2d5a09fb3b589474
ab876d1286eab69197cdcb877e1d9d7fc3651746a657edd329ee8fb537298e83
ad16a692a0cf57c7ea52b76a8a682f747e91a94fa9bbac233558e5fac20bcba7
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
af400fc3600c1a1da35fbd012ad788f40a68d31ada8ebf2e8a84bc9d5e9fa603
b027444fa971caf8b3244a9f93bb928224b593b04c268949002c7929159de113
b03d7778dd9333a352fafb92833648437f069d7e9eedaede33946575e8cd2204
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e142370aa1c9210e06245d89ffce8b56444de631e84faf293b48af45ae2325
b317742277d72c28cb24020d61cc7daecd4e51e48a68a16440d26bf1a008a129
b4c40b1f7d0a51143058d06b901f61020d4d6fbcb576e97c2380662106875e08
b5dd59c250b713e61b349967383976af3e809b8fe71f9e0d382325c2a63bca86
b6b9f0c1e0397a2ee66ea891142f7b9d17ae612805a50c1ce059ff7cd698f73f
b9cbf26c51756e96056a34ebc26f54f39ed030cd740218997ed3e9cbee1b1cdc
bbde3ff5fed56039f99b945ee83a75a032ab48a644b2711216846c2842ee373d
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf38e36e83c03851ef6ad378a251217256a9a42547beea0d57fcbb8031241034
bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b
c1ad19c22f61c4aefbcaacd4f83436e37d2036708e1ca20f73b8fcba7af80194
c2ab66d101b0849e72774e3df7976216b15ab51b87a8615cd8c623a1bd97a8ea
c4553b6ec30852a570f5b94ee550bffd3d3fea8080c28d4409a1036be26006ce
c50c5d69990f54337566b87532705a92b4ffb368165edcdd65b32afa01eee10c
c7970725379a1ed295ccda35880bad25467bd8c7aaf5db0630b38078ba6d4a80
c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1
c8fd065d4e741b6c3f6613ac8817621fece035736d71a677dde931360f130930
c9c00ced5ab6492068e85cee58e9ed1157b9bc1a8bbd201eeedbd45d7842dc34
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbd5cd8bbfd3ebc0e54ec612aa750a5459d884a936f6d853b0d24948702e8ba3
cc211921e314f293043154a7902f3da41f2f00c7e0d2d48881336a8f0c00996f
cdde1b3594a86dbefb8f4c68dbd2a152b5af0ad57a9a5ae492dcad693769fb27
cdfe1a33ff2907533cff360284da7953ae95bfd9d8eec933212154e28822ce7f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd881273ab0599b6688b4fb0514346ef7b1f5a9cf239175f449da2231093d63
d0bbad771a8a5ac5f9446791109693aeca1d676d44ced48f8514857f7d3e6fd0
d0e18ce3035d36857c609cb49eff0ae1d1898765d79b504a3721b31042434715
d167d9827030a1e20cea805c76a3416ad83061e65684ca3ed05a9c93b5625cca
d30b98191efdb8888f03dfa599c41269a0e4a04a6c90d7c3c2e33e37e7017ad2
d3b142f2fc1b181088ebc5bd873a725bba5e4ea24b20874e7880b163f778765e
d51453f8c67401baea07d081615a2e9c802ad6f666d23fd61ceaf96bc181a71f
d622f228812e8abba2a271adcded587ae3c3c9525b5349f2eb22625e1e7c4744
d809ff33dbedea976423639f3d43504b61d9e882e5e65f617ee786b18855cc4c
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
dd1c7822082e5d2cda6242df595462dffc97bfb4ec52b3dd9af2a9abb27bca82
de2b6f2f43c98d0e66a02bcc6da59121858840859d091e0d215ae85bb9124146
e0d0395fc9d3a1f6c1e749e5eeaa29c3ac8d2d83a6b979e33c4594b834881e56
e2abf908a6fecb708af1f845e267abbbe2d830ac89aeb8386088705e234704bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e880b171c00f7bc1cf208443b8dbb707c29d9736f35b07945ab6e8b8db8795
e40f5ac3fe7b072cd1ecb3acbfe6a7e5f7010bc96caed07614f82e43e388262d
e42b70ba670efbef99f7fca308fed36f00d180185ba45aecb6dfe1bed2bc04a1
e457a1f5c855a40b853c0f8f6421db58c3e7b443444389e3ac1cb128bb02fc97
e83370bfc68363362fcf20cc6cc7500d33619a84d03ef235f757bfc6838c4a81
e971016f98abb48687f5b4f7b3cc18136c635673363ea0d3df42d3b4bad19c9c
ee5f6c1ce22ad6bf9485f79f68d83d8c0751b2359bca13d344656e0b9ceb7723
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d475ee87cb4b007c1d34471cc379c29e634650f5bde0b3f2165fc7742d1089
f4561a4ca61ea5d2f456a36665b1dbdd583ce113bd6040cd3c847f2654f738e2
f59028e19a39f887f4f3655cd44631af144638c111cecea68f5d9a96b96d943f
f5eed12d4c265df78b87b39e4f4ed7561f35e69104cd58f2ae3e730ef63dd0e8
f71db38fdd60f6dd4d70d48a7ebdf62030aadd226604d4d6efe13e89e024b77e
f7610f32aa570979f562c28b29b95db132ce5139ab645ff5281e340eeb24c828
f9ed847a3d541ce0fc72ca4a1b534f700f91bc344457651de28b640b20308f33
fa3748e2366d5ba5f4a7b6c8154809725b6bfb7843743837384c70f060b33503
ff7750952a601dbf03688b01a2eced6e5671a8335393eb063201bb732f12c99a

5.187.56.63 Open in urlscan Pro 5.187.56.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

240 Requests

37 %HTTPS

39 %IPv6

32 Domains

59 Subdomains

52 IPs

9 Countries

3542 kBTransfer

6161 kBSize

1 Cookies

19 Outgoing links

Redirected requests

240 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

5.187.56.63 Open in urlscan Pro
5.187.56.63 Public Scan

Screenshot
Live screenshot

Full Image

240
Requests

37 %
HTTPS

39 %
IPv6

32
Domains

59
Subdomains

52
IPs

9
Countries

3542 kB
Transfer

6161 kB
Size

1
Cookies

240 HTTP transactions
18 data transactions