www.glueckspost.ch Open in urlscan Pro
104.104.52.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://glueckspost.ch/
Effective URL:
https://www.glueckspost.ch/
Submission: On May 11 via automatic, source certstream-suspicious (May 11th 2022, 7:26:28 am UTC) — Scanned from DE

Summary HTTP 159 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 44 IPs in 6 countries across 28 domains to perform 159 HTTP transactions. The main IP is 104.104.52.75, located in Milan, Italy and belongs to AKAMAI-ASN1, NL. The main domain is www.glueckspost.ch.
TLS certificate: Issued by R3 on May 5th 2022. Valid for: 3 months.

This is the only time www.glueckspost.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:229d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	104.104.52.75 104.104.52.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:9000:225... 2600:9000:2251:3800:1c:9a5b:a1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	108.157.4.102 108.157.4.102	16509 (AMAZON-02) (AMAZON-02)
1	18.66.2.105 18.66.2.105	16509 (AMAZON-02) (AMAZON-02)
2	34.78.251.152 34.78.251.152	15169 (GOOGLE) (GOOGLE)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	185.53.178.51 185.53.178.51	61969 (TEAMINTER...) (TEAMINTERNET-AS)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.250.70 52.222.250.70	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3 4	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
4	13.226.132.36 13.226.132.36	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.124 18.66.139.124	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:233... 2606:2800:233:d84b:39e5:dbd4:25cd:99d9	15133 (EDGECAST) (EDGECAST)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 7	3.33.138.253 3.33.138.253	16509 (AMAZON-02) (AMAZON-02)
4	108.138.7.14 108.138.7.14	16509 (AMAZON-02) (AMAZON-02)
5	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.196.120.117 18.196.120.117	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1	35.158.169.169 35.158.169.169	16509 (AMAZON-02) (AMAZON-02)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1 3	52.58.169.45 52.58.169.45	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3	52.212.32.175 52.212.32.175	16509 (AMAZON-02) (AMAZON-02)
4 4	35.157.155.129 35.157.155.129	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
2	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
9	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2600:9000:249... 2600:9000:2491:4800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7780:5169:8668:b8ea:b057	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
159	44

1 2606:4700:3034::6815:229d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

glueckspost.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.104.52.75 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-104-52-75.deploy.static.akamaitechnologies.com

www.glueckspost.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2251:3800:1c:9a5b:a1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.admeira.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-102.dus51.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-105.txl50.r.cloudfront.net

lib.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.78.251.152 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 152.251.78.34.bc.googleusercontent.com

get.contentpass.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.contentpass.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.53.178.51 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)

ri.nuggad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-70.fra60.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.121.17 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.132.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-36.dus51.r.cloudfront.net

sgqcvfjvr.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-124.fra60.r.cloudfront.net

artemis-cdn.ocdn.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:d84b:39e5:dbd4:25cd:99d9 (United States)

ASN15133 (EDGECAST, US)

aka-cdn-ns.adtech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.33.138.253 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ae6bee98fe393bd2a.awsglobalaccelerator.com

events.ocdn.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.7.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-14.fra56.r.cloudfront.net

csr.onet.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.120.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-120-117.eu-central-1.compute.amazonaws.com

profiles.tr1.admeira.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.169.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-169-169.eu-central-1.compute.amazonaws.com

end.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.169.45 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-169-45.eu-central-1.compute.amazonaws.com

tr1.admeira.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.32.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-32-175.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.157.155.129 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-155-129.eu-central-1.compute.amazonaws.com

tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:4800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7780:5169:8668:b8ea:b057 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fabaa99cf662c6e93e6bd95cf205526a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	glueckspost.ch 1 redirects glueckspost.ch www.glueckspost.ch	2 MB
18	adnxs.com 2 redirects acdn.adnxs.com — Cisco Umbrella Rank: 596 secure.adnxs.com — Cisco Umbrella Rank: 424 ib.adnxs.com — Cisco Umbrella Rank: 240 cdn.adnxs.com — Cisco Umbrella Rank: 1420 ams1-ib.adnxs.com — Cisco Umbrella Rank: 6477	129 KB
12	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3399 pixel.adsafeprotected.com — Cisco Umbrella Rank: 548 static.adsafeprotected.com — Cisco Umbrella Rank: 552 dt.adsafeprotected.com — Cisco Umbrella Rank: 504	104 KB
11	googlesyndication.com fabaa99cf662c6e93e6bd95cf205526a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	43 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187	169 KB
9	onet.pl lib.onet.pl — Cisco Umbrella Rank: 46280 sgqcvfjvr.onet.pl — Cisco Umbrella Rank: 43720 csr.onet.pl — Cisco Umbrella Rank: 42906 Failed	125 KB
9	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1026	41 KB
8	ocdn.eu 1 redirects artemis-cdn.ocdn.eu — Cisco Umbrella Rank: 46648 events.ocdn.eu — Cisco Umbrella Rank: 38884	11 KB
8	admeira.ch 1 redirects cdn.admeira.ch — Cisco Umbrella Rank: 208325 profiles.tr1.admeira.ch — Cisco Umbrella Rank: 267602 tr1.admeira.ch — Cisco Umbrella Rank: 236428	115 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 7 adservice.google.com — Cisco Umbrella Rank: 74	2 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	109 KB
5	scorecardresearch.com 3 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 141 end.scorecardresearch.com — Cisco Umbrella Rank: 18265	4 KB
4	opecloud.com 4 redirects tagger.opecloud.com — Cisco Umbrella Rank: 3820	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5483 adservice.google.de — Cisco Umbrella Rank: 7678	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	14 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	198 KB
3	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2839 crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3484	829 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 599	138 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2689 p1.parsely.com — Cisco Umbrella Rank: 2118	24 KB
2	contentpass.net get.contentpass.net — Cisco Umbrella Rank: 444380 api.contentpass.net	24 KB
2	gstatic.com fonts.gstatic.com	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	adtech.de aka-cdn-ns.adtech.de — Cisco Umbrella Rank: 417044
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	42 KB
1	cloudfront.net d1z2jf7jlzjs58.cloudfront.net	1 KB
1	nuggad.net ri.nuggad.net
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 110	15 KB
159	28

	Domain	Requested by
32	www.glueckspost.ch	www.glueckspost.ch
9	ams1-ib.adnxs.com	www.glueckspost.ch cdn.adnxs.com
9	tags.tiqcdn.com	www.glueckspost.ch tags.tiqcdn.com
7	events.ocdn.eu	1 redirects www.glueckspost.ch artemis-cdn.ocdn.eu sgqcvfjvr.onet.pl
6	dt.adsafeprotected.com
6	www.google.com	1 redirects www.glueckspost.ch tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.glueckspost.ch
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	cdn.admeira.ch securepubads.g.doubleclick.net www.glueckspost.ch
4	tagger.opecloud.com	4 redirects
4	www.facebook.com	www.glueckspost.ch connect.facebook.net
4	csr.onet.pl	sgqcvfjvr.onet.pl cdn.admeira.ch
4	sgqcvfjvr.onet.pl	lib.onet.pl
4	sb.scorecardresearch.com	3 redirects www.glueckspost.ch
4	connect.facebook.net	www.glueckspost.ch connect.facebook.net tags.tiqcdn.com
4	cdn.admeira.ch	www.glueckspost.ch cdn.admeira.ch acdn.adnxs.com acdn.adnxs-simple.com
3	ib.adnxs.com	acdn.adnxs.com
3	pixel.adsafeprotected.com	cdn.adsafeprotected.com srcdoc
3	www.google.de	www.glueckspost.ch
3	tr1.admeira.ch	1 redirects cdn.admeira.ch www.glueckspost.ch
3	googleads.g.doubleclick.net	www.googleadservices.com www.glueckspost.ch
3	www.google-analytics.com	tags.tiqcdn.com www.google-analytics.com www.glueckspost.ch
2	static.adsafeprotected.com	pixel.adsafeprotected.com srcdoc
2	crcdn01.adnxs-simple.com
2	cdn.adnxs.com	acdn.adnxs.com acdn.adnxs-simple.com
2	static.xx.fbcdn.net	www.facebook.com
2	secure.adnxs.com	2 redirects
2	acdn.adnxs.com	cdn.admeira.ch www.glueckspost.ch
2	fonts.gstatic.com	www.glueckspost.ch fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	fabaa99cf662c6e93e6bd95cf205526a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	acdn.adnxs-simple.com	www.glueckspost.ch
1	cm.g.doubleclick.net	1 redirects
1	api.contentpass.net	www.glueckspost.ch
1	p1.parsely.com	www.glueckspost.ch
1	end.scorecardresearch.com	www.glueckspost.ch
1	stats.g.doubleclick.net	www.google-analytics.com
1	profiles.tr1.admeira.ch	cdn.admeira.ch
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	aka-cdn-ns.adtech.de	get.contentpass.net
1	artemis-cdn.ocdn.eu	lib.onet.pl
1	www.googletagmanager.com	tags.tiqcdn.com
1	d1z2jf7jlzjs58.cloudfront.net	tags.tiqcdn.com
1	ri.nuggad.net	tags.tiqcdn.com
1	www.googleadservices.com	tags.tiqcdn.com
1	get.contentpass.net	tags.tiqcdn.com
1	lib.onet.pl	cdn.admeira.ch
1	cdn.adsafeprotected.com	cdn.admeira.ch
1	glueckspost.ch	1 redirects
159	52

This site contains links to these domains. Also see Links.

Domain
kleinanzeigen.glueckspost.ch
shop.glueckspost.ch
itunes.apple.com
www.admeira.ch
kundenservice.ringieraxelspringer.ch
www.beobachter.ch
www.gaultmillau.ch
www.handelszeitung.ch
www.pme.ch
www.schweizer-illustrierte.ch
www.schweizer-landliebe.ch
www.streaming.ch
www.facebook.com

Subject Issuer	Validity	Valid
production.ringieraxelspringer.ch R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
cdn.ringier-advertising.ch Amazon	`2022-01-25` - `2023-02-23`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.onet.pl GeoTrust RSA CA 2018	`2021-05-24` - `2022-06-01`	a year	crt.sh
get.contentpass.net R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
ri.nuggad.net R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.ocdn.eu GeoTrust RSA CA 2018	`2022-01-13` - `2023-01-13`	a year	crt.sh
aka-cdn.adtech.de DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
profiles.tr1.admeira.ch Go Daddy Secure Certificate Authority - G2	`2021-09-20` - `2022-10-04`	a year	crt.sh
tr1.admeira.ch Go Daddy Secure Certificate Authority - G2	`2020-03-30` - `2022-05-30`	2 years	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
api.contentpass.net R3	`2022-03-19` - `2022-06-17`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.glueckspost.ch/
Frame ID: 050D8E3008A3D0C68E251E4C6E6ACF81
Requests: 111 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df55ea72144f1a%26domain%3Dwww.glueckspost.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.glueckspost.ch%252Ff81d2e1e403c6c%26relation%3Dparent.parent&container_width=1004&href=https%3A%2F%2Fwww.facebook.com%2Fglueckspost&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=true
Frame ID: 9CEB8FB1C400650A31966757CFC63354
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BF5CED65AEFB0764122E89781F5D7BFB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admeira.ch/adtrace/piggyback.js?publisherId=1461601&siteId=4166535&placementId=15138777&placementCode1=Glueckspost.ch_DE_Desktop_Home_MR_1&placementCode2=&auctionId=6934848844924802911&dealId=0&orderId=7143101&campaignId=52694391&lineItemId=17792306&creativeId=356230437&advertiserId=5835695&size=300x250&cb=1075338897
Frame ID: 0D0D9442FD65A1AE3F9C92DD7A2982C4
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/ast/mediation/0.41.0/mediation.js
Frame ID: D2391ACE32248439BA306A1EFC50F21E
Requests: 4 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930932&campId=300x250&pubId=Glueckspost.ch_DE&chanId=Glueckspost.ch_DE_Desktop_Home_MR_1&placementId=0&pubCreative=356230437&pubOrder=0&custom=1&custom2=&custom3=&cb=1652253983651&adsafe_par&impId=a8dfa34a-d0fb-11ec-ad44-0a6c212fcb7f
Frame ID: 5B559BF3E48563D83F749464B4082675
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9178&pub_id=1461601
Frame ID: 63672AA5A6B63336C09F74B921B91785
Requests: 3 HTTP requests in this frame

Frame: https://cdn.admeira.ch/adtrace/mediation.js
Frame ID: 73192E231CCD31A5D5C820BAAE538DEC
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 14A5843CD6167191FDD3B1A65E1E5D12
Requests: 1 HTTP requests in this frame

Frame: https://fabaa99cf662c6e93e6bd95cf205526a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: C4D9F8E5CCDBA36B9C39D96032007509
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5F9617A714D65702BB83BA77A0C3DFA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8D8DB79C2765DA166AA5C96B5065991
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032204292129000/amp4ads-v0.mjs
Frame ID: D3E64EE87605DE2FD6029ED7A72340E1
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GlücksPost – Die Frauenzeitschrift für Prominenz und Unterhaltung

Page URL History Show full URLs

https://glueckspost.ch/ HTTP 301
https://www.glueckspost.ch/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

159
Requests

95 %
HTTPS

45 %
IPv6

28
Domains

52
Subdomains

44
IPs

6
Countries

4540 kB
Transfer

7835 kB
Size

21
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://kleinanzeigen.glueckspost.ch/
Title: Kleinanzeigen

Search URL Search Domain Scan URL

URL: https://shop.glueckspost.ch/buecher
Title: Bücher

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ch/app/gluckspost-emagazin/id657724776?mt=8
Title: ▸ iPad App

Search URL Search Domain Scan URL

URL: https://shop.glueckspost.ch/glueckspost-abo-print
Title: ▸ Abo bestellen

Search URL Search Domain Scan URL

URL: http://www.admeira.ch/brands/digital/glueckspost-ch
Title: Werbemöglichkeiten

Search URL Search Domain Scan URL

URL: https://kundenservice.ringieraxelspringer.ch/glueckspost
Title: Kontakt

Search URL Search Domain Scan URL

URL: http://www.beobachter.ch/
Title: Beobachter

Search URL Search Domain Scan URL

URL: https://www.gaultmillau.ch/
Title: GaultMillau

Search URL Search Domain Scan URL

URL: http://www.handelszeitung.ch/
Title: Handelszeitung

Search URL Search Domain Scan URL

URL: http://www.pme.ch/
Title: PME Magazine

Search URL Search Domain Scan URL

URL: http://www.schweizer-illustrierte.ch/
Title: Schweizer Illustrierte

Search URL Search Domain Scan URL

URL: http://www.schweizer-landliebe.ch/
Title: Schweizer Landliebe

Search URL Search Domain Scan URL

URL: https://www.streaming.ch/
Title: Streaming Magazin

Search URL Search Domain Scan URL

URL: https://www.schweizer-illustrierte.ch/style
Title: Style Magazin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/glueckspost

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://glueckspost.ch/ HTTP 301
https://www.glueckspost.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://sb.scorecardresearch.com/cs/28229342/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 70

https://events.ocdn.eu/v2/EA-5469564/me?_ac=events HTTP 302
https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ca=1&uuid=202205110926228862106261

Request Chain 80

https://sb.scorecardresearch.com/b?c1=2&c2=28229342&mp_brand=Gl%C3%BCckspost&ns_site=glueckspost.ch&mp_v=*null&cs_fpid=1652253982645_11748699&mp_login=3&cs_it=b2&cv=3.8.0.210223&ns__t=1652253982885&ns_c=UTF-8&c7=https%3A%2F%2Fwww.glueckspost.ch%2F&c8=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=28229342&mp_brand=Gl%C3%BCckspost&ns_site=glueckspost.ch&mp_v=*null&cs_fpid=1652253982645_11748699&mp_login=3&cs_it=b2&cv=3.8.0.210223&ns__t=1652253982885&ns_c=UTF-8&c7=https%3A%2F%2Fwww.glueckspost.ch%2F&c8=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&c9= HTTP 302
https://end.scorecardresearch.com/b2?c1=2&c2=28229342&mp_brand=Gl%C3%BCckspost&ns_site=glueckspost.ch&mp_v=*null&cs_fpid=1652253982645_11748699&mp_login=3&cs_it=b2&cv=3.8.0.210223&ns__t=1652253982885&ns_c=UTF-8&c7=https%3A%2F%2Fwww.glueckspost.ch%2F&c8=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&c9=&cs_rdr_ts=1652253982&cs_rdr_uid=149ce6fcfdc4257ff1c82c61652253982

Request Chain 98

https://tr1.admeira.ch/tr1.admeira.ch/v1/pixel.gif?url=https%3A%2F%2Fwww.glueckspost.ch%2F&ref=&tz=0&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined&e=%5B%7B%22type%22%3A%22ids%22%2C%22lu%22%3A%22202205110926228862106261%22%7D%5D HTTP 302
https://tagger.opecloud.com/tr1.admeira.ch/pcs.gif?puid=5971c0b8-a5f8-4c52-951d-ceb55950c9b8&url=https%3A%2F%2Ftr1.admeira.ch%2Ftagger.opecloud.com%2Fpbfs.gif%3Fsource%3Dtr1.admeira.ch%26state%3D2-Z3p7hmvjDmIm2nhWy5p%252FFIluUKHO HTTP 302
https://tagger.opecloud.com/tr1.admeira.ch/pcs.gif?puid=5971c0b8-a5f8-4c52-951d-ceb55950c9b8&url=https%3A%2F%2Ftr1.admeira.ch%2Ftagger.opecloud.com%2Fpbfs.gif%3Fsource%3Dtr1.admeira.ch%26state%3D2-Z3p7hmvjDmIm2nhWy5p%252FFIluUKHO&trackability-redirect=true HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dtr1.admeira.ch%26state%3D2-%252FAl1%252F6yTmXXgQtx%252FDoleR3q3I2GkmlrlrVpZ3RePqpWbAEAiFwv9Nha0qXQm7ASP%252B4tSld4Ggg3BAedDMkjzoAZwU%252BoeQht3dIsBeHv2aETyjKfSbpcrb3ttz49aKhSNORxgOhoD3m5gm4lDhIc4R3ZuNiyuf9QSSLwM66E0REaA7r5CVmp7%26puid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftagger.opecloud.com%252Fappnexus%252Fpbfs.gif%253Fsource%253Dtr1.admeira.ch%2526state%253D2-%25252FAl1%25252F6yTmXXgQtx%25252FDoleR3q3I2GkmlrlrVpZ3RePqpWbAEAiFwv9Nha0qXQm7ASP%25252B4tSld4Ggg3BAedDMkjzoAZwU%25252BoeQht3dIsBeHv2aETyjKfSbpcrb3ttz49aKhSNORxgOhoD3m5gm4lDhIc4R3ZuNiyuf9QSSLwM66E0REaA7r5CVmp7%2526puid%253D%2524UID HTTP 302
https://tagger.opecloud.com/appnexus/pbfs.gif?source=tr1.admeira.ch&state=2-%2FAl1%2F6yTmXXgQtx%2FDoleR3q3I2GkmlrlrVpZ3RePqpWbAEAiFwv9Nha0qXQm7ASP%2B4tSld4Ggg3BAedDMkjzoAZwU%2BoeQht3dIsBeHv2aETyjKfSbpcrb3ttz49aKhSNORxgOhoD3m5gm4lDhIc4R3ZuNiyuf9QSSLwM66E0REaA7r5CVmp7&puid=1369594100524499657 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-o4V%2FFMbyXNzuGkMKwX0kU7NKE2%2FsLOD91wxrvi97xMXvH9Wk7wk2zJA5gzACKT%2BkZYlb52XF5chWErvWGBvq91qgPvFN5e9cXHjJ4FW6B%2FdYuk8zFKza2wVl%2Fuvje%2FooA8hg2NLHQoC3fDD3ujaGhJ3x%2B5rYLeaeOgRW0%2FGxrSdXiJPxxZjf&source=tr1.admeira.ch HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-o4V%2FFMbyXNzuGkMKwX0kU7NKE2%2FsLOD91wxrvi97xMXvH9Wk7wk2zJA5gzACKT%2BkZYlb52XF5chWErvWGBvq91qgPvFN5e9cXHjJ4FW6B%2FdYuk8zFKza2wVl%2Fuvje%2FooA8hg2NLHQoC3fDD3ujaGhJ3x%2B5rYLeaeOgRW0%2FGxrSdXiJPxxZjf&source=tr1.admeira.ch&google_gid=CAESEOyEQaZTa8j5XJx3vAjCm6c&google_cver=1 HTTP 302
https://tr1.admeira.ch/tagger.opecloud.com/pbfs.gif?source=tr1.admeira.ch&state=2-Z3p7hmvjDmIm2nhWy5p%2FFIluUKHO

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

159 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.glueckspost.ch/
Redirect Chain

https://glueckspost.ch/
https://www.glueckspost.ch/

67 KB
12 KB

142ms
28ms

Document
text/html

104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b9efeda8d8c6acf37928ca23f7af178e7ae5c18f80884310453b99cad1db7ea0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=14400
content-encoding: gzip
content-length: 11738
content-type: text/html; charset=UTF-8
date: Wed, 11 May 2022 07:26:22 GMT
expires: Wed, 11 May 2022 09:53:51 GMT
grace: none
last-modified: Wed, 11 May 2022 05:19:42 GMT
referrer-policy
server: nginx
vary: Accept-Encoding
x-cache-backend: c95_web_1
x-cache-cacheable: YES
x-cache-hits: 16
x-cache-host: c95-varnish-1
x-cache-result: HIT
x-varnish: 65118158 65965660

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 70992f9b3e505a01-MXP
date: Wed, 11 May 2022 07:26:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 11 May 2022 08:26:21 GMT
location: https://www.glueckspost.ch/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5m4PIJC5XBHoHWgsOSiYleRQiP1sXQZXW49EVlSbWEeo6o%2F5DKY1Gav30IZIVFTF0brSeceWusRsA0gfExWS7iom7oXL7SIfO2Gxtomc8EKctgSIcZDcu8aIrO9MkKxmfV1iYsW7Phl1RGWa1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 lazyload.min.js Show response
www.glueckspost.ch/wp-content/plugins/w3-total-cache/pub/js/ 6 KB
3 KB 29ms
28ms Script
application/x-javascript 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: HIT
content-length: 2356
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:25 GMT
server: nginx
etag: "1883-5d54e78445fd7-gzip"
vary: Accept-Encoding
x-varnish: 39429095 35672386
expires: Thu, 23 Feb 2023 15:05:47 GMT
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 1

GET
H2 200 5cc6c.css
www.glueckspost.ch/wp-content/cache/minify/ 261 KB
37 KB 29ms
28ms Stylesheet
text/css 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-content/cache/minify/5cc6c.css
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 287a2e10466ec314a9c08efbf39f564f62ca566bbaa691d03f5e400e2c9b22f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: HIT
content-length: 37357
pragma: public
referrer-policy
last-modified: Tue, 22 Feb 2022 10:42:06 GMT
server: nginx
etag: "91ed-5d899000cfb80"
vary: Accept-Encoding
x-varnish: 35672626 4913063
expires: Thu, 23 Feb 2023 10:37:14 GMT
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: text/css
x-cache-hits: 6

GET
H2 200 jquery.min.js Show response
www.glueckspost.ch/wp-includes/js/jquery/ 87 KB
31 KB 48ms
47ms Script
application/x-javascript 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 30908
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:26 GMT
server: nginx
etag: "15db1-5d54e784d77f1-gzip"
vary: Accept-Encoding
x-varnish: 37327457
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: application/x-javascript
expires: Thu, 23 Feb 2023 15:08:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.glueckspost.ch/wp-includes/js/jquery/ 11 KB
4 KB 53ms
52ms Script
application/x-javascript 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 4169
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:26 GMT
server: nginx
etag: "2bd8-5d54e784d6851-gzip"
vary: Accept-Encoding
x-varnish: 35672630
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: application/x-javascript
expires: Thu, 23 Feb 2023 15:08:16 GMT

GET
H2 200 all.min.js Show response
www.glueckspost.ch/wp-content/themes/gluckspost/assets/ 63 KB
19 KB 53ms
53ms Script
application/x-javascript 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-content/themes/gluckspost/assets/all.min.js?ver=1.0.1
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c7a4989a61f45bf9b36402fe1e3b8ef97a7e2e7f4721548b471464f32e1936ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 19392
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:25 GMT
server: nginx
etag: "fd7a-5d54e784af752-gzip"
vary: Accept-Encoding
x-varnish: 39429090
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: application/x-javascript
expires: Thu, 23 Feb 2023 15:08:16 GMT

GET
H2 200 wp-embed.min.js Show response
www.glueckspost.ch/wp-includes/js/ 1 KB
1 KB 54ms
54ms Script
application/x-javascript 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-includes/js/wp-embed.min.js?ver=f990e06791af061813751fba2f11a3a7
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 765
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:26 GMT
server: nginx
etag: "592-5d54e784e0490-gzip"
vary: Accept-Encoding
x-varnish: 35672633
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: application/x-javascript
expires: Thu, 23 Feb 2023 15:08:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.glueckspost.ch/wp-includes/js/ 18 KB
5 KB 23ms
22ms Script
application/x-javascript 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-includes/js/wp-emoji-release.min.js?ver=f990e06791af061813751fba2f11a3a7
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 4930
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:26 GMT
server: nginx
etag: "4705-5d54e784e0490-gzip"
vary: Accept-Encoding
x-varnish: 39429085
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: application/x-javascript
expires: Thu, 23 Feb 2023 15:08:16 GMT

GET
H2 200 loader.min.js Show response
cdn.admeira.ch/prod/tagmanager/ 511 B
837 B 53ms
7ms Script
application/javascript 2600:9000:2251:3800:1c:9a5b:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admeira.ch/prod/tagmanager/loader.min.js
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:1c:9a5b:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd693f332bb924f13069f07201c40e6e9031b1364ec1ca209f7bca22e18c2d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 14:55:03 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified: Fri, 17 May 2019 09:36:23 GMT
server: AmazonS3
age: 59480
etag: "66a5f8e2751721045a5abfc7cf0e12c5"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
content-length: 511
x-amz-cf-id: aNoYW2-1gEwz7-T9CoU4_xMZGlUcEXT3tWyZMX81buKLSlkFPTPGyw==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/ 38 KB
11 KB 329ms
299ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9c48ae874096f183fd7cf104056aa3e40edf2f74fa58be8d3fad7463758a0dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 09:24:46 GMT
server: AkamaiNetStorage
etag: "3f8dff661ab2f1fea14545d514807d42:1647422686.400437"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 11271
expires: Wed, 11 May 2022 07:31:22 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0c6bb0a20d87cd24f4528e4ec8f4ebbbb863e6d9f1c1167b94f158f4ba0bc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 xfu_0WLxV2_XKTNw6FH3yg7C.woff2
fonts.gstatic.com/s/basic/v9/ 13 KB
14 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/basic/v9/xfu_0WLxV2_XKTNw6FH3yg7C.woff2

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/wp-content/cache/minify/5cc6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

daf6c9f1f0192f365e6840e793c02e2a377bfa4a1202fda1550726081c302114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.glueckspost.ch/
Origin: https://www.glueckspost.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:03:52 GMT
x-content-type-options: nosniff
age: 40950
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13496
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:18:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 10 May 2023 20:03:52 GMT

GET
H2 200 devis-icon.woff
www.glueckspost.ch/wp-content/themes/gluckspost/assets/fonts/ 12 KB
12 KB 24ms
24ms Font
application/font-woff 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-content/themes/gluckspost/assets/fonts/devis-icon.woff?28770725
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/wp-content/cache/minify/5cc6c.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d647e9aa47d9d9f7be11ca33ddfd2252a4b3a907bfc92e437211d0e1c774f69a

Request headers

Referer: https://www.glueckspost.ch/wp-content/cache/minify/5cc6c.css
Origin: https://www.glueckspost.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: HIT
content-length: 12086
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:25 GMT
server: nginx
etag: "2f5c-5d54e784af752-gzip"
vary: Accept-Encoding
x-varnish: 39429097 47183869
expires: Thu, 23 Feb 2023 15:05:58 GMT
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: application/font-woff
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 037e204b336b111a84c08af22399efd6138ed114e9c541d5dc6c6d6cd6cece73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 889defbe2b581c3a5296f9fe855ce182fb6a37ec34efa323017e4a4a9024708a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2103f98dab7e47abd92c47030caa47d0dd0595ad21446d0f396a1c1df017da7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 sdk.js Show response
connect.facebook.net/de_DE/ 3 KB
2 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8f273b6550fba96b1b83d36da56203cc4197349e3d4383665710c861de2bfbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: /iUkzRY/MVIqfcLs7aEt4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: 7EWiGrNPr4mP9eXpTGyhjoN+N2+qfFBwWuqy4zgxwIQAnooqNhx0yT3c+k+d2iNJNfQQryc8MC/S1/P/gQsfBg==
x-fb-trip-id: 2050670934
x-fb-content-md5: 9ed80a7962e4c4f4c6d526d3885a6842
x-frame-options: DENY
date: Wed, 11 May 2022 07:26:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b88204c42dde92f1238804f1c81d4b6a"
timing-allow-origin: *
expires: Wed, 11 May 2022 07:30:44 GMT

GET
H2 200 jquery.whatsapp.js Show response
www.glueckspost.ch/wp-content/themes/gluckspost/src/js/ 5 KB
2 KB 22ms
22ms Script
application/x-javascript 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.glueckspost.ch/wp-content/themes/gluckspost/src/js/jquery.whatsapp.js
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/wp-content/themes/gluckspost/assets/all.min.js?ver=1.0.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b7178882763ffff529eda8c2040bcab977aa9a893601ef7e8df884e5099dfdd6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: HIT
content-length: 1720
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:25 GMT
server: nginx
etag: "1207-5d54e784b64b2-gzip"
vary: Accept-Encoding
x-varnish: 39429099 46725925
expires: Thu, 23 Feb 2023 10:51:33 GMT
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: application/x-javascript
x-cache-hits: 4

GET
H3 200 sdk.js Show response
connect.facebook.net/de_DE/ 289 KB
83 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/de_DE/sdk.js?hash=846d196ddeef562a3e24bf25e01b667a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a9175ad47c8cd3a27c6044c2330bdf3f9cf77e4240ad16869d64dc566253b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.glueckspost.ch/
Origin: https://www.glueckspost.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: O6kyEv8hCdfitk2qYRKHbA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84967
x-fb-rlafr: 0
x-fb-debug: UGfv7+7cIeYDU/ZGXp7WvpJTtu2tXjUb2lrXzDOBBmMpUQJRh7FgArMTAm6VAV8r25TM05B7yyJ8WtivgST5FA==
x-fb-content-md5: 9805a06e13fbb3664ee20fc132f9decc
x-frame-options: DENY
date: Wed, 11 May 2022 07:26:22 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5c837b3f278902f74c3b6f123785d8ca"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 11 May 2023 05:32:13 GMT

GET
H2 200 bx_loader.gif
www.glueckspost.ch/wp-content/themes/gluckspost/assets/images/ 8 KB
9 KB 23ms
22ms Image
image/gif 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/themes/gluckspost/assets/images/bx_loader.gif
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/wp-content/cache/minify/5cc6c.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/wp-content/cache/minify/5cc6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 8581
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:25 GMT
server: nginx
etag: "2185-5d54e784b06f2"
vary: Accept-Encoding
x-varnish: 45163081 43383309
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/gif
expires: Thu, 23 Feb 2023 15:05:58 GMT

GET
H2 200 controls.png
www.glueckspost.ch/wp-content/themes/gluckspost/assets/images/ 2 KB
2 KB 23ms
23ms Image
image/png 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/themes/gluckspost/assets/images/controls.png
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/wp-content/cache/minify/5cc6c.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4a4b9570eb17ce8aaafeb01ce9b9260647cfc5927ce05ba96e17c316eb07f326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/wp-content/cache/minify/5cc6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 1735
pragma: public
referrer-policy
last-modified: Tue, 11 Jan 2022 13:31:25 GMT
server: nginx
etag: "6c7-5d54e784b06f2"
vary: Accept-Encoding
x-varnish: 51142976
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/png
expires: Tue, 21 Mar 2023 10:34:14 GMT

GET
H2 200 atm.js Show response
cdn.admeira.ch/prod/tagmanager/glueckspost.ch_de/latest/ 397 KB
109 KB 28ms
27ms Script
application/javascript 2600:9000:2251:3800:1c:9a5b:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admeira.ch/prod/tagmanager/glueckspost.ch_de/latest/atm.js
Requested by: Host: cdn.admeira.ch
URL: https://cdn.admeira.ch/prod/tagmanager/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:1c:9a5b:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a6a411a65592da3617c651eda193d147e7451ee70229b00495ea97435bf8c14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 10:40:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
etag: W/"dab9ca1240c59f6823dac8f5542fbc3d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-id: t-71aPKgOGEWLit-X4ErJwwYQZy4IpCzcRj8t6VbujenwQJjuMQjVw==

GET
H2 200 gp_20220505_001.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 78 KB
78 KB 26ms
25ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/gp_20220505_001.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 22a15261b065aea783d2645a73e291a8e199b29ff9f46f543fa54cc35b52af61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 79851
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 11:40:59 GMT
server: nginx
etag: "137eb-5de2e195de8c0"
vary: Accept-Encoding
x-varnish: 62668851 62749335
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 12:05:49 GMT

GET
H2 200 joel_grolimund273m-512x405.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 168 KB
169 KB 27ms
26ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/joel_grolimund273m-512x405.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e0d3fbf202fecdb1482b53e92072be46a7c6fad71d19678d4052d71ccc33bf43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 2
x-cache-result: HIT
content-length: 172233
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 14:06:41 GMT
server: nginx
etag: "2a0c9-5de30226e3e40"
vary: Accept-Encoding
x-varnish: 62672500 57551427
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 14:10:14 GMT

GET
H2 200 Nicole%C2%A9Nikolaj-Georgiewneu-665x405.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 102 KB
102 KB 48ms
47ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/Nicole%C2%A9Nikolaj-Georgiewneu-665x405.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 43e5142dcd0f8c1ca42bc441b8703025957d8dcddba7a03c7b5605287ffc2767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 104346
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 13:54:45 GMT
server: nginx
etag: "1979a-5de2ff7c0f340"
vary: Accept-Encoding
x-varnish: 60603139 55372888
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 13:56:59 GMT

GET
H2 200 GANZSEITIG_LESERANGEBOT_ZENITH_v1-1-580x405.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 202 KB
203 KB 52ms
51ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/GANZSEITIG_LESERANGEBOT_ZENITH_v1-1-580x405.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d05027f474db727261e9270dcdbbb1e324265f38d14f86242b236daadfab50ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 207320
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 13:00:26 GMT
server: nginx
etag: "329d8-5de2f35808e80"
vary: Accept-Encoding
x-varnish: 58267547 58267359
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 13:15:31 GMT

GET
H2 200 Dongo-April-18-Close-up-1-JPG-576x405.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 228 KB
229 KB 54ms
53ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/Dongo-April-18-Close-up-1-JPG-576x405.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e0bcd9920e284bdc158735dfe3edb9866d4730baf0e85198e1b419502f8f55fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 2
x-cache-result: HIT
content-length: 233658
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 12:12:22 GMT
server: nginx
etag: "390ba-5de2e899a3580"
vary: Accept-Encoding
x-varnish: 65019741 62667910
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 12:33:53 GMT

GET
H2 200 2022-17-MarcoNina_WeekaendPaar-665x405.jpg
www.glueckspost.ch/wp-content/uploads/2022/04/ 151 KB
152 KB 54ms
53ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/04/2022-17-MarcoNina_WeekaendPaar-665x405.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 07704fd49b7646c1c460acef38d336fa431a9f6943b10974ad702ee32b98d284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 4
x-cache-result: HIT
content-length: 154703
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 19:50:39 GMT
server: nginx
etag: "25c4f-5dda81fa981c0"
vary: Accept-Encoding
x-varnish: 51558770 61534097
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 27 Apr 2023 19:56:52 GMT

GET
H2 200 2022-17-GES-Daniela-Bodmer_8131-665x405.jpg
www.glueckspost.ch/wp-content/uploads/2022/04/ 193 KB
193 KB 54ms
53ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/04/2022-17-GES-Daniela-Bodmer_8131-665x405.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4bc40e77e34fd74766aa2049d5111744ddff12f27f51ef94999a1b1816dbf925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 197367
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 18:58:50 GMT
server: nginx
etag: "302f7-5dda76659ee80"
vary: Accept-Encoding
x-varnish: 63322016
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 27 Apr 2023 19:01:39 GMT

GET
H2 200 2022-1717_Schicksal-verbrannter-Hund-mit-neuer-Familie-665x405.jpg
www.glueckspost.ch/wp-content/uploads/2022/04/ 104 KB
104 KB 55ms
54ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/04/2022-1717_Schicksal-verbrannter-Hund-mit-neuer-Familie-665x405.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c490df598b7f06b88e628e7d399f2ba21c4001dfa79ee84017b6b5cb95f4515b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 4
x-cache-result: HIT
content-length: 106258
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 18:55:45 GMT
server: nginx
etag: "19f12-5dda75b530e40"
vary: Accept-Encoding
x-varnish: 62654454 57883099
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 27 Apr 2023 18:57:19 GMT

GET
H2 200 2022-17-Roland-Eberhart-mit-Freundin-Sandra-DSC06668-4-665x405.jpg
www.glueckspost.ch/wp-content/uploads/2022/04/ 163 KB
164 KB 62ms
62ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/04/2022-17-Roland-Eberhart-mit-Freundin-Sandra-DSC06668-4-665x405.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b8c751772cd9c31d9416b89adcb4f93de959dca9a7ec4107521c2a87a64ad7d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 166805
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 18:07:53 GMT
server: nginx
etag: "28b95-5dda6b023d040"
vary: Accept-Encoding
x-varnish: 62989392
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 27 Apr 2023 18:09:10 GMT

GET
H2 200 gp_logo.svg
www.glueckspost.ch/wp-content/uploads/2015/06/ 6 KB
2 KB 61ms
60ms Image
image/svg+xml 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2015/06/gp_logo.svg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: da46723f3f208e54c95ea4e7e3b91b46e2b1a0ee018da0f4e9fc04c27efa495c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: HIT
content-length: 1813
pragma: public
referrer-policy
last-modified: Tue, 02 Jun 2015 12:05:09 GMT
server: nginx
etag: "199b-51787c0f72740-gzip"
vary: Accept-Encoding
x-varnish: 35672661 35672403
expires: Thu, 23 Feb 2023 15:05:53 GMT
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1

GET
H2 200 joel_grolimund273m-120x75.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 51 KB
51 KB 61ms
60ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/joel_grolimund273m-120x75.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 548cc3de512d1fc0b1e89c8a9f7da97f0aff6d2f3afd0e8f646b9e048a5d64b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 52183
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 14:06:41 GMT
server: nginx
etag: "cbd7-5de30226e3e40"
vary: Accept-Encoding
x-varnish: 65439588
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 14:13:53 GMT

GET
H2 200 Nicole%C2%A9Nikolaj-Georgiewneu-120x75.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 29 KB
30 KB 63ms
62ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/Nicole%C2%A9Nikolaj-Georgiewneu-120x75.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b9e715a0e4aeb3cccbf40211fbae1aa95405438d9535502f4f6bad34d6d23770

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 29819
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 13:54:45 GMT
server: nginx
etag: "747b-5de2ff7c0f340"
vary: Accept-Encoding
x-varnish: 54214254 54214237
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 13:59:34 GMT

GET
H2 200 GANZSEITIG_LESERANGEBOT_ZENITH_v1-1-120x75.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 75 KB
76 KB 76ms
75ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/GANZSEITIG_LESERANGEBOT_ZENITH_v1-1-120x75.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6234572fccff71cbba406cf7b393574e187324095b62c4872d0873eaad67c3a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 77040
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 13:00:26 GMT
server: nginx
etag: "12cf0-5de2f35808e80"
vary: Accept-Encoding
x-varnish: 60601194 65406775
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 13:18:29 GMT

GET
H2 200 Dongo-April-18-Close-up-1-JPG-120x75.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 49 KB
50 KB 76ms
75ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/Dongo-April-18-Close-up-1-JPG-120x75.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2160ff61a25a2921d9fc797614d1e2da137aa0b42cbb880dc765b93a85b92571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 50347
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 12:12:22 GMT
server: nginx
etag: "c4ab-5de2e899a3580"
vary: Accept-Encoding
x-varnish: 60599955 26574505
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 12:33:53 GMT

GET
H2 200 joel_grolimund273m-400x245.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 105 KB
106 KB 78ms
78ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/joel_grolimund273m-400x245.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 88b8c7c16dee388c05a50c1546c4e4b8f522aabd40e672586c0d04d805f305df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 2
x-cache-result: HIT
content-length: 108023
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 14:06:41 GMT
server: nginx
etag: "1a5f7-5de30226e3e40"
vary: Accept-Encoding
x-varnish: 61370125 65377856
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 14:08:44 GMT

GET
H2 200 2022-17-GES-Daniela-Bodmer_8131-400x245.jpg
www.glueckspost.ch/wp-content/uploads/2022/04/ 92 KB
93 KB 87ms
87ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/04/2022-17-GES-Daniela-Bodmer_8131-400x245.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 88e97a6f3f76c50d5cdd2c8c5126af17ed8e05f8d67a7a11dc19a5134048a020

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 94201
pragma: public
referrer-policy
last-modified: Wed, 27 Apr 2022 18:58:50 GMT
server: nginx
etag: "16ff9-5dda76659ee80"
vary: Accept-Encoding
x-varnish: 63322022
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 27 Apr 2023 19:01:40 GMT

GET
H2 200 2021-28-BILD-Fotoservice-00112198-HighRes-400x245.jpg
www.glueckspost.ch/wp-content/uploads/2021/07/ 66 KB
67 KB 91ms
91ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2021/07/2021-28-BILD-Fotoservice-00112198-HighRes-400x245.jpg
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4dd4478f3becd5b2728480eb71e127227c7ed9a294631366a8071cff100a9377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 67646
pragma: public
referrer-policy
last-modified: Wed, 14 Jul 2021 17:18:11 GMT
server: nginx
etag: "1083e-5c71889f17ac0"
vary: Accept-Encoding
x-varnish: 59630916 60595120
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 22 Apr 2023 08:48:23 GMT

GET
H2 200 online-raetsel-400x245.png
www.glueckspost.ch/wp-content/uploads/2017/12/ 121 KB
121 KB 101ms
101ms Image
image/png 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2017/12/online-raetsel-400x245.png
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e2bc1c96070df13648deeba59fe09ce84f3514f5746bb61470c8f5472771af63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 123798
pragma: public
referrer-policy
last-modified: Tue, 19 Dec 2017 09:48:12 GMT
server: nginx
etag: "1e396-560ae5d73cf00"
vary: Accept-Encoding
x-varnish: 37327849 40281079
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/png
expires: Thu, 23 Feb 2023 09:06:00 GMT

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 179ms
10ms Script
application/javascript 108.157.4.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: cdn.admeira.ch
URL: https://cdn.admeira.ch/prod/tagmanager/glueckspost.ch_de/latest/atm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-102.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 04 May 2022 22:51:42 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 549281
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P2
X-Amz-Cf-Id: Tp1y2eBtDChfl0JNyMDUW3KGSWHRrcueEkc0pM2LlRrxcz3QVv57Wg==

GET
H2 200 dl.boot.min.js Show response
lib.onet.pl/s.csr/build/dlApi/ 10 KB
4 KB 187ms
18ms Script
application/javascript 18.66.2.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Requested by: Host: cdn.admeira.ch
URL: https://cdn.admeira.ch/prod/tagmanager/glueckspost.ch_de/latest/atm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-105.txl50.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 6cfe44c6299d604e34a93e3d46f10ca1630d59180b81648ddc5cc686032f0cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:22:16 GMT
content-encoding: gzip
server: Ring Publishing - Accelerator
age: 246
etag: "dc21adc231f9afff0a68f7ceca6ad17c73dcda8c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 14cdaa93fde5711834987a0c179df5fa.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: TXL50-P1
timing-allow-origin: *
content-length: 4080
x-amz-cf-id: KFaZ2FcneycOTwsyMcB7PC5RvgROMzO8g27Gug3N9_woy8-lMAtsJw==

GET
H2 200 now.js Show response
get.contentpass.net/ 65 KB
23 KB 77ms
19ms Script
application/javascript 34.78.251.152
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://get.contentpass.net/now.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.78.251.152 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

152.251.78.34.bc.googleusercontent.com

Software

Resource Hash

82564899aacd97976f8219ccacbefe14422ecaf576e897cb0e747b3ef47c5961

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
etag: W/"10278-doBbXE+wrDGGneR4Som0V1IFHP4"
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: dd8c4e590f7b4d6cd69aa82148d7ec3d
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.2.js Show response
tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/ 32 KB
7 KB 25ms
25ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.2.js?utv=ut4.41.202108170843
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 33b0cbfd7b3d71f2f60c48b1208c0de66846710d1de6b66e23c9bfbfa1fe498d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 08:43:10 GMT
server: AkamaiNetStorage
etag: "0e9656afbe5255ff688762c3f1ede7e9:1629189790.009521"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 7151
expires: Thu, 26 May 2022 07:26:22 GMT

GET
H2 200 utag.3.js Show response
tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/ 7 KB
2 KB 24ms
23ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.3.js?utv=ut4.41.202108170843
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 92d703f0a0645397bd8435535d3ece2864dc28312d9da2b6a97d74db9ba34e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 08:43:08 GMT
server: AkamaiNetStorage
etag: "0b2dead388da0203bbc4711f6828b18f:1629189788.287716"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2281
expires: Thu, 26 May 2022 07:26:22 GMT

GET
H2 200 utag.11.js Show response
tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/ 16 KB
4 KB 24ms
24ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.11.js?utv=ut4.41.202108170843
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bc9dd4d847c6ba5d6c208ded39b607957a71ff16700c11773e23c71e2e18a113

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 08:43:11 GMT
server: AkamaiNetStorage
etag: "0a7f1f93646e37006d01a85b4b1ed415:1629189791.79113"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 4293
expires: Thu, 26 May 2022 07:26:22 GMT

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/ 5 KB
2 KB 27ms
27ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.7.js?utv=ut4.41.202108170843
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: dd4ac7e658c1a9f8768fa0b6867f6cf704db90986f4955a9e6274217aec64ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 08:43:11 GMT
server: AkamaiNetStorage
etag: "a42d92007570a1b4ebf1508a173eeb7d:1629189791.360229"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1875
expires: Thu, 26 May 2022 07:26:22 GMT

GET
H2 200 utag.10.js Show response
tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/ 2 KB
1 KB 28ms
27ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.10.js?utv=ut4.41.202108170843
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d68acc4f35ba393b0d5228152f71d89a0c31abb68b959b00a760c6d706588c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 08:43:08 GMT
server: AkamaiNetStorage
etag: "b223c99bed145de8a3e0647b263f488f:1629189788.709945"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1117
expires: Thu, 26 May 2022 07:26:22 GMT

GET
H2 200 utag.13.js Show response
tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/ 32 KB
10 KB 29ms
29ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.13.js?utv=ut4.41.202108170843
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8682b3a6d9901764f5aecd0853eb5232f8a164aeb3b3d9131b1b9c9111bc8bc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 08:43:09 GMT
server: AkamaiNetStorage
etag: "5e2d7034298f45769fdae250a89297fa:1629189789.109728"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 9510
expires: Thu, 26 May 2022 07:26:22 GMT

GET
H2 200 utag.14.js Show response
tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/ 7 KB
3 KB 28ms
28ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.14.js?utv=ut4.41.202203160924
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1b544aafbe083491968c5f0dbd08d878728401c76d8a2a3637b3f3c2207d9564

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 09:24:46 GMT
server: AkamaiNetStorage
etag: "a8534531b9275af63124fded5b3c6043:1647422686.202234"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2598
expires: Thu, 26 May 2022 07:26:22 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 94ms
45ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 May 2022 07:26:22 GMT

GET
H/1.1 200
OK rc Show response
ri.nuggad.net/ 0
0 138ms
27ms Script
text/html 185.53.178.51
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ri.nuggad.net/rc?nuggrid=https%3A%2F%2Fwww.glueckspost.ch%2F&nuggn=1442414040&nuggsid=289572040
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.178.51 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4033
date: Wed, 11 May 2022 06:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 11 May 2022 08:19:09 GMT

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 48ms
6ms Script
application/javascript 52.222.250.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.10.js?utv=ut4.41.202108170843
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-70.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 02:39:47 GMT
Via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
Age: 17195
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
X-Amz-Cf-Id: zOvBOrgu32TPnu_nDtlByT8ilxzDJmesqgRg1B5i64p6qf5oaz6Atw==
Expires: Thu, 12 May 2022 02:39:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 35ms
15ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-998902956

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bffdb4ef0be4ecbbd410b7d92301abe4382a34b462e27257796154cc00e82868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42490
x-xss-protection: 0
last-modified: Wed, 11 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 11 May 2022 07:26:22 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/28229342/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

10ms
10ms

Script
application/javascript

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:00:53 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 1530
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: q8iEP4KLrM2atr9FhvrZGNG95R58vFHGr6-s6sF1bjhq_JfvjNubdw==

Redirect headers

location: /internal-cs/default/beacon.js
date: Wed, 11 May 2022 07:26:22 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: cjG3FBZqM9vyIqGVyICUnvQ2EvELV5LYs6dFh8IqBkP5wo0-MhObBg==
x-cache: Miss from cloudfront

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: zUZvsc3yNgifa1L6AoP95UFvXel+67a98lZ5Tf5R6JHSiEP/GbNShWuaD70Zbhxu0Ys2WEr7XH0C5q4D/sC+AQ==
x-frame-options: DENY
date: Wed, 11 May 2022 07:26:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 8ms
8ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=rasch/glueckspost.ch/202203160924&cb=1652253982648
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/rasch/glueckspost.ch/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 11 May 2022 07:36:22 GMT

GET
H2 200 YnVpbGQvezlza2x0MTMzfWRsQXBpL2RsLmxpYntOTWFzXzEzM30ubWluLmpz Show response
sgqcvfjvr.onet.pl/ 286 KB
90 KB 64ms
15ms Script
application/javascript 13.226.132.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MTMzfWRsQXBpL2RsLmxpYntOTWFzXzEzM30ubWluLmpz
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-36.dus51.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 1c7c6e50d8d06572f628f57b7f96441ff3f76f44d177619064d5e6e0edb97e48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:22:18 GMT
content-encoding: gzip
age: 244
x-cache: Hit from cloudfront
content-length: 91135
last-modified: Wed, 04 May 2022 11:41:55 GMT
server: Ring Publishing - Accelerator
etag: "405fe3f3d937e1c2337b189b1995ca68a5248942ef40ef0bd79bc6f674ac8f8a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SGZKbTD_6FO-smAq5nWJnVGrlvbCQuGz28lMwllK258OOANkNQXkog==

GET
H2 200 dl.aureus.min.js Show response
sgqcvfjvr.onet.pl/build/dlApi/ 2 KB
1 KB 79ms
31ms Script
application/javascript 13.226.132.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/build/dlApi/dl.aureus.min.js?4&077ac16f633bc13fc61ba37e0e5dadf0
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-36.dus51.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: aaae4aa9532a0d29d75f501420392cf81e7e0277e6ba096053eadadcb28ba53e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:24:28 GMT
content-encoding: gzip
age: 114
x-cache: Hit from cloudfront
content-length: 950
last-modified: Wed, 04 May 2022 11:41:50 GMT
server: Ring Publishing - Accelerator
etag: "077ac16f633bc13fc61ba37e0e5dadf0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: sLIVuEQFp4NqAnuwElFK7XXJB9n68FR5kalBeI9v9HqW34z6RNqKDw==

GET
H2 200 dl.clickmap.min.js Show response
sgqcvfjvr.onet.pl/build/dlApi/ 4 KB
2 KB 80ms
31ms Script
application/javascript 13.226.132.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/build/dlApi/dl.clickmap.min.js?4&0857520b1c2826048e6c581eff465aa4
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-36.dus51.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 7deaaf085e8703195ce7b0ab018d833323013caaf9617142dad8b197ee52f6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:24:29 GMT
content-encoding: gzip
age: 113
x-cache: Hit from cloudfront
content-length: 1611
last-modified: Wed, 04 May 2022 11:41:50 GMT
server: Ring Publishing - Accelerator
etag: "0857520b1c2826048e6c581eff465aa4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FUE_Hl6Zx1luv1m1kr_j8f4s_cYdDX5ouTiSrvCumfUVJkgTYVNQlA==

GET
H2 200 dl.cmp.min.js Show response
sgqcvfjvr.onet.pl/build/dlApi/ 88 KB
24 KB 69ms
37ms Script
application/javascript 13.226.132.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sgqcvfjvr.onet.pl/build/dlApi/dl.cmp.min.js?4&6b6ec3779e755ba2a818bb44483f18a2
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-36.dus51.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 2f3a137a37582990ecf7f9834f668db862df02846c2046fab9d9c48e99eb1650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:24:28 GMT
content-encoding: gzip
age: 114
x-cache: Hit from cloudfront
content-length: 24088
last-modified: Wed, 04 May 2022 11:41:57 GMT
server: Ring Publishing - Accelerator
etag: "6b6ec3779e755ba2a818bb44483f18a2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2NAxlWWzyMXYwVZ9c6COhsn9p-UeQKW8tIUgnuLX-TQy-H4KGuUCAA==

GET
H2 200 artemis.min.js Show response
artemis-cdn.ocdn.eu/0.1.8-173/ 18 KB
7 KB 47ms
6ms Script
application/javascript 18.66.139.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://artemis-cdn.ocdn.eu/0.1.8-173/artemis.min.js?36bd847b9d8c4853a2049ad78874b106
Requested by: Host: lib.onet.pl
URL: https://lib.onet.pl/s.csr/build/dlApi/dl.boot.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-124.fra60.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 2e25c974c85825866d72be3536ae53731b2c4b405ff02f1bc600cf1be06cb63a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:17:22 GMT
content-encoding: gzip
last-modified: Fri, 06 May 2022 11:42:56 GMT
server: Ring Publishing - Accelerator
age: 540
etag: "36bd847b9d8c4853a2049ad78874b106"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
cache-control: max-age=604800, public
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 6620
x-amz-cf-id: 4FBVH8Ec2d-gwPrw3sFKxStUxZ2mP-hwX8FZxrthi4ujYcaMWjydKg==

GET
H3 200 705178287001294 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/705178287001294?v=2.9.59&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e2847ec2e596f46aff5e26da66f6aab5e8cc2325b941412f91eea030b1a6f2f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: DOC6N9xD6qzNG4U7KZIFbg0Lu2NwzY1iyFkvV5NCwVtQxO3HwTxxby4ArdyXbBFm3i2B/s/n5+Rm1U9+dHUEAg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 11 May 2022 07:26:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1652253982730
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 403 ads.js
aka-cdn-ns.adtech.de/apps/431/Ad18370991St3Sz225Sq111721859V0Id2/ 0
0 198ms
41ms Script
text/html 2606:2800:233:d84b:39e5:dbd4:25cd:99d9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aka-cdn-ns.adtech.de/apps/431/Ad18370991St3Sz225Sq111721859V0Id2/ads.js?foo=bar&adserver=
Requested by: Host: get.contentpass.net
URL: https://get.contentpass.net/now.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:d84b:39e5:dbd4:25cd:99d9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C5A) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
nel: {"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
server: ECAcc (mil/6C5A)
content-length: 345
report-to: {"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type: text/html

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 43ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1258881101&t=pageview&_s=1&dl=https%3A%2F%2Fwww.glueckspost.ch%2F&ul=en-us&de=UTF-8&dt=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1861671164&gjid=488542578&cid=915999267.1652253983&tid=UA-8821853-1&_gid=1530458789.1652253983&_r=1&_slc=1&z=1204521900

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.glueckspost.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.glueckspost.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/glueckspost.ch/ 66 KB
23 KB 44ms
7ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/glueckspost.ch/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 842c6ac20d5a28e1268292d3b5b3db31d7e4cb5ff295106222dd304682c398ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: public
date: Wed, 11 May 2022 04:21:13 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 13:57:18 GMT
server: nginx
age: 11109
etag: W/"616ecebe-1070a"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 9XgSDNyG2vdxfDBbGZcNKLmk6ZeyuzBaIyXQS4BDXJmOpfbmEJTJnA==
expires: Thu, 12 May 2022 04:21:13 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966699198/ 2 KB
2 KB 53ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966699198/?random=1652253982790&cv=9&fst=1652253982790&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.glueckspost.ch%2F&tiba=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

926cdfd2e2bade7f34bde4e61afd8e93944b694c7bc39ce3ac98fbaeb346257c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1047
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

me Show response
events.ocdn.eu/v2/EA-5469564/
Redirect Chain

https://events.ocdn.eu/v2/EA-5469564/me?_ac=events
https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ca=1&uuid=202205110926228862106261

127 B
593 B

9ms
9ms

XHR
application/json

3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-5469564/me?_ac=events&_ca=1&uuid=202205110926228862106261
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: 49817e4444cba8767315cc08d94c2e78a6e839ce2297a5ca14177dd75d4151fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
server: Ring Publishing - Accelerator
vary: Origin
access-control-allow-methods: GET, OPTIONS, POST
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://www.glueckspost.ch
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, Content-Type, DNT, Connection, User-Agent, Accept-Language, Accept-Encoding, Cache-Control, Host, Accept
content-length: 127

Redirect headers

date: Wed, 11 May 2022 07:26:22 GMT
server: Ring Publishing - Accelerator
access-control-allow-origin: https://www.glueckspost.ch
vary: Origin
access-control-allow-methods: GET, OPTIONS, POST
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
location: /v2/EA-5469564/me?_ac=events&_ca=1&uuid=202205110926228862106261
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, DNT, Connection, User-Agent, Accept-Language, Accept-Encoding, Cache-Control, Host, Accept

GET tags
csr.onet.pl/5469564/ 0
0

GET
H2 200 me Show response
csr.onet.pl/5469564/ 237 B
818 B 46ms
23ms XHR
application/json 108.138.7.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csr.onet.pl/5469564/me?domain=www.glueckspost.ch&ver=1
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MTMzfWRsQXBpL2RsLmxpYntOTWFzXzEzM30ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-14.fra56.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: ed16ba741d4101ad243e7694f907b72be75b1493a4bc920cc54c0d5060c74e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-length: 237
server: Ring Publishing - Accelerator
etag: "aa040b7180e755d490bb719f56ed99072f6ec7d6"
access-control-allow-methods: POST,GET
content-type: application/json
access-control-allow-origin: https://www.glueckspost.ch
cache-control: private, max-age=1800
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: WpD0Oo0xBUqF374U6RcHu4K2ZP8bE0pUmGSQvZVFI9BpfEjeCYAnBg==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/static/0.41.0/ 89 KB
31 KB 77ms
16ms Script
application/javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/static/0.41.0/ast.js
Requested by: Host: cdn.admeira.ch
URL: https://cdn.admeira.ch/prod/tagmanager/glueckspost.ch_de/latest/atm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 20de6d868da34f858f29c591051e6a090968af31da2519ea6ea28183e41430a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 07:26:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Sep 2021 17:11:39 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"61534ccb-16237"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 31390
Expires: Thu, 11 May 2023 07:26:22 GMT

GET
H2 200 me Show response
csr.onet.pl/1746213/ 255 B
836 B 36ms
22ms XHR
application/json 108.138.7.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csr.onet.pl/1746213/me?domain=www.glueckspost.ch&ver=1
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MTMzfWRsQXBpL2RsLmxpYntOTWFzXzEzM30ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-14.fra56.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 9431778a303d719fb2b8fa5f66c7986a8169b4ee258ce47d712626235cdaed24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-length: 255
server: Ring Publishing - Accelerator
etag: "bf684ade9050b9a4fb431470551f6847c1905836"
access-control-allow-methods: POST,GET
content-type: application/json
access-control-allow-origin: https://www.glueckspost.ch
cache-control: private, max-age=1800
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: D_D6X_fG75usXYhgg80nouip4r8ySjMnIZJUqzPMbxXYK5bl2-pu4w==

GET
H2 200 tags Show response
csr.onet.pl/5469564/ 11 B
590 B 374ms
360ms XHR
application/json 108.138.7.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csr.onet.pl/5469564/tags?domain=www.glueckspost.ch&site=Glueckspostch_DE&v=1
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MTMzfWRsQXBpL2RsLmxpYntOTWFzXzEzM30ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-14.fra56.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: 72115774e068a807b1bc1aaa7f2df4d92038535bf0ff021c0a0cf5c3d9e6642a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-length: 11
server: Ring Publishing - Accelerator
etag: "9d172f461dfde5816bf6231e53c44d0adf686a90"
access-control-allow-methods: POST,GET
content-type: application/json
access-control-allow-origin: https://www.glueckspost.ch
cache-control: public, max-age=1800
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: nseF2SXta6ryM4OjPlb3-hc9WgmXAyhqTo5WVN5C_B07FqFWYVl8lw==

POST
H2 200 csr.json Show response
csr.onet.pl/_s/csr-006/ 730 B
1 KB 550ms
550ms XHR
application/json 108.138.7.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://csr.onet.pl/_s/csr-006/csr.json?nid=5469564&site=Glueckspostch_DE&area=Desktop_Home&cre_format=html&systems=das&kvprver=1.0&ems_url=1&bid_rate=1&dr=https%3A%2F%2Fwww.glueckspost.ch%2F&kwrd=&kvIV=202205110726228401478668&kvseg_rand=73&kvIP=202205110726228401478668&kvcwidth=1600&kvismobile=0&kvistv=0&kvflash=0&kvhtml5c=1&kvref=glueckspost&kvismvp=0&slot0=slot&id0=2c92ee31c5c876&iusizes0=300x250&slot1=slot&id1=398d7b86192da1&iusizes1=160x600&slot2=slot&id2=4b4fb845f983bb&iusizes2=994x250,970x250,728x90&gdpr_applies=undefined&euconsent=
Requested by: Host: cdn.admeira.ch
URL: https://cdn.admeira.ch/prod/tagmanager/glueckspost.ch_de/latest/atm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-14.fra56.r.cloudfront.net
Software: Ring Publishing - Accelerator /
Resource Hash: eb7a1186dff1b2af7972871f16ea72dbfcd333a18411756987e7caf417418bc5

Request headers

Referer: https://www.glueckspost.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
content-length: 730
server: Ring Publishing - Accelerator
etag: "730-2de191c25ccb957b"
access-control-allow-methods: POST,GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.glueckspost.ch
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 9wb9bVa0XQo5HqzVuDbgMroTDwqDXny5u0doLnwP5SirkpZWOTxUjA==

GET
H2 200 profile Show response
profiles.tr1.admeira.ch/api/v1/admeira/ 58 B
261 B 72ms
8ms XHR
application/json 18.196.120.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://profiles.tr1.admeira.ch/api/v1/admeira/profile?url=https%3A%2F%2Fwww.glueckspost.ch%2F
Requested by: Host: cdn.admeira.ch
URL: https://cdn.admeira.ch/prod/tagmanager/glueckspost.ch_de/latest/atm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.120.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-120-117.eu-central-1.compute.amazonaws.com
Software: akka-http/10.2.4 /
Resource Hash: 8c315c508383248e3038750c8795a1660fdbcfe6078f7b24cd56746df52a41c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: https://www.glueckspost.ch
date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: akka-http/10.2.4
cache-control: no-cache
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 21ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=705178287001294&ev=PageView&dl=https%3A%2F%2Fwww.glueckspost.ch%2F&rl=&if=false&ts=1652253982865&sw=1600&sh=1200&v=2.9.59&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1652253982864.1230430083&it=1652253982677&coo=false&tm=1&exp=p1&rqm=GET

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 11 May 2022 07:26:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8821853-1&cid=915999267.1652253983&jid=1861671164&gjid=488542578&_gid=1530458789.1652253983&_u=YEBAAAAAAAAAAC~&z=612285871

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.glueckspost.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 May 2022 07:26:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.glueckspost.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
end.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=28229342&mp_brand=Gl%C3%BCckspost&ns_site=glueckspost.ch&mp_v=*null&cs_fpid=1652253982645_11748699&mp_login=3&cs_it=b2&cv=3.8.0.210223&ns__t=1652253982885...
https://sb.scorecardresearch.com/b2?c1=2&c2=28229342&mp_brand=Gl%C3%BCckspost&ns_site=glueckspost.ch&mp_v=*null&cs_fpid=1652253982645_11748699&mp_login=3&cs_it=b2&cv=3.8.0.210223&ns__t=165225398288...
https://end.scorecardresearch.com/b2?c1=2&c2=28229342&mp_brand=Gl%C3%BCckspost&ns_site=glueckspost.ch&mp_v=*null&cs_fpid=1652253982645_11748699&mp_login=3&cs_it=b2&cv=3.8.0.210223&ns__t=16522539828...

43 B
303 B

36ms
7ms

Image
image/gif

35.158.169.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://end.scorecardresearch.com/b2?c1=2&c2=28229342&mp_brand=Gl%C3%BCckspost&ns_site=glueckspost.ch&mp_v=*null&cs_fpid=1652253982645_11748699&mp_login=3&cs_it=b2&cv=3.8.0.210223&ns__t=1652253982885&ns_c=UTF-8&c7=https%3A%2F%2Fwww.glueckspost.ch%2F&c8=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&c9=&cs_rdr_ts=1652253982&cs_rdr_uid=149ce6fcfdc4257ff1c82c61652253982

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Server

35.158.169.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-169-169.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Jul 2018 07:27:02 GMT
server: nginx
etag: "5b518ec6-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
x-permitted-cross-domain-policies: master-only
accept-ranges: bytes
content-length: 43
x-xss-protection: 1; mode=block

Redirect headers

location: https://end.scorecardresearch.com/b2?c1=2&c2=28229342&mp_brand=Gl%C3%BCckspost&ns_site=glueckspost.ch&mp_v=*null&cs_fpid=1652253982645_11748699&mp_login=3&cs_it=b2&cv=3.8.0.210223&ns__t=1652253982885&ns_c=UTF-8&c7=https%3A%2F%2Fwww.glueckspost.ch%2F&c8=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&c9=&cs_rdr_ts=1652253982&cs_rdr_uid=149ce6fcfdc4257ff1c82c61652253982
date: Wed, 11 May 2022 07:26:22 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: 7p6kwMKhDcgqXJu7xjXFtPeyaveRN3IoA75JBXkQQG86A4FH0Om1mw==
x-cache: Miss from cloudfront

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/998902956/ 2 KB
1 KB 39ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/998902956/?random=1652253982888&cv=9&fst=1652253982888&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.glueckspost.ch%2F&tiba=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5661569bbf7c57b515e953809f29a5f5553c4816d8f9e3405885aabda55de5ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 398ms
98ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1652253982901&plid=69323918&idsite=glueckspost.ch&url=https%3A%2F%2Fwww.glueckspost.ch%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.glueckspost.ch%2F&sref=&sts=1652253982897&slts=0&title=Gl%C3%BCcksPost+%E2%80%93+Die+Frauenzeitschrift+f%C3%BCr+Prominenz+und+Unterhaltung&date=Wed+May+11+2022+07%3A26%3A22+GMT%2B0000+(GMT)&action=pageview&pvid=88290239&u=pid%3D3e8e8fb36e67a5781de3f12b68e0e465
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 07:26:23 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 11-May-2022 07:26:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyMjA1MTEwOTI2MjI4ODYyMTA2MjYxIiwiZ2xvYmFsIjoiMjAyMjA1MTEwOTI2MjI4ODYyMTA2MjYxIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vd... Show response
events.ocdn.eu/v2/EA-5469564/user/ 130 B
576 B 24ms
23ms Fetch
application/json 3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-5469564/user/eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyMjA1MTEwOTI2MjI4ODYyMTA2MjYxIiwiZ2xvYmFsIjoiMjAyMjA1MTEwOTI2MjI4ODYyMTA2MjYxIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vd3d3LmdsdWVja3Nwb3N0LmNoLyJ9LCJzdGF0ZSI6eyJzY3JlZW4iOnsic2l6ZSI6IjE2MDB4MTIwMHgyNCJ9LCJ3aW5kb3ciOnsic2l6ZSI6IjE2MDB4MTIwMCJ9fSwidmVyc2lvbiI6IjAuMS44In0=
Requested by: Host: artemis-cdn.ocdn.eu
URL: https://artemis-cdn.ocdn.eu/0.1.8-173/artemis.min.js?36bd847b9d8c4853a2049ad78874b106
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: c3378f37bf6251a5b995c691e910b9cebe911d4c6dc84800608e076bebe22ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ats-alt: dyn
date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
server: Ring Publishing - Accelerator
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.glueckspost.ch
cache-control: no-cache
access-control-allow-credentials: true
x-ats-elapsed: 0
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Type,DNT,Host,If-Modified-Since,Origin,Range,User-Agent,X-Requested-With

GET
H2 200 tagger.js Show response
tr1.admeira.ch/tr1.admeira.ch/v1/ 965 B
841 B 47ms
10ms Script
text/javascript 52.58.169.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tr1.admeira.ch/tr1.admeira.ch/v1/tagger.js
Requested by: Host: cdn.admeira.ch
URL: https://cdn.admeira.ch/prod/tagmanager/glueckspost.ch_de/latest/atm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.169.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-169-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 285f72d78978baa0db3f509347c43603edb5deb514d40207ea486649f71f3cb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
cache-control: private, max-age=3600
p3p: CP="ADMa OUR IND DSP NON COR"
content-length: 498
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyMjA1MTEwOTI2MjI4ODYyMTA2MjYxIiwiZ2xvYmFsIjoiMjAyMjA1MTEwOTI2MjI4ODYyMTA2MjYxIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vd... Show response
events.ocdn.eu/v2/EA-5469564/user/ 130 B
575 B 13ms
13ms Fetch
application/json 3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/EA-5469564/user/eyJ1c2VyIjp7ImlkIjp7ImxvY2FsIjoiMjAyMjA1MTEwOTI2MjI4ODYyMTA2MjYxIiwiZ2xvYmFsIjoiMjAyMjA1MTEwOTI2MjI4ODYyMTA2MjYxIn0sInNzbyI6e30sImV4dGVybmFsIjp7ImlkcyI6e319fSwiY29udGV4dCI6eyJ1cmwiOiJodHRwcyUzQS8vd3d3LmdsdWVja3Nwb3N0LmNoLyJ9LCJzdGF0ZSI6eyJzY3JlZW4iOnsic2l6ZSI6IjE2MDB4MTIwMHgyNCJ9LCJ3aW5kb3ciOnsic2l6ZSI6IjE2MDB4MTIwMCJ9fSwidmVyc2lvbiI6IjAuMS44In0=
Requested by: Host: artemis-cdn.ocdn.eu
URL: https://artemis-cdn.ocdn.eu/0.1.8-173/artemis.min.js?36bd847b9d8c4853a2049ad78874b106
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: 9a0ae98ca672912888b0d28d09a94763d697c65dcccc396de4f4556aed7001fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-ats-alt: dyn
date: Wed, 11 May 2022 07:26:22 GMT
content-encoding: gzip
server: Ring Publishing - Accelerator
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.glueckspost.ch
cache-control: no-cache
access-control-allow-credentials: true
x-ats-elapsed: 0
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Cache-Control,Connection,Content-Type,DNT,Host,If-Modified-Since,Origin,Range,User-Agent,X-Requested-With

GET
H2 200 / Show response
events.ocdn.eu/v2/ 75 B
540 B 12ms
12ms XHR
application/json 3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/?_et=PageView&_ac=kropka-stats&_rt=now&_gu=202205110926228862106261&_lu=202205110926228862106261&_it=82&CL=init-20220504_1341&RI=4d10a627b651e336&C1=1652253982822&IP=202205110726228166565934&CS=1600x1200x24&CW=1600x1200&DU=https%3A%2F%2Fwww.glueckspost.ch%2F&DO=&DV=glueckspostch_de&IV=202205110726228166565934&DA=Glueckspostch_DE%2Fros&NA=&SC=1&DP=0&CD=visible&DR=&RDLC=e30%3D&RT=PageView&IZ=0&IL=0&TID=EA-5469564
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MTMzfWRsQXBpL2RsLmxpYntOTWFzXzEzM30ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: 7de69cbfeaa5d87188931bb942786f32c1029b6fdb9c6b05859949f4a475948d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
server: Ring Publishing - Accelerator
vary: Origin
access-control-allow-methods: GET, OPTIONS, POST
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://www.glueckspost.ch
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, Content-Type, DNT, Connection, User-Agent, Accept-Language, Accept-Encoding, Cache-Control, Host, Accept
content-length: 75

GET
H2 200 / Show response
events.ocdn.eu/v2/ 75 B
540 B 11ms
11ms XHR
application/json 3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.ocdn.eu/v2/?_et=PageView&_ac=kropka-stats&_rt=now&_gu=202205110926228862106261&_lu=202205110926228862106261&_it=82&CL=init-20220504_1341&RI=3db20627b651e348&C1=1652253982840&IP=202205110726228401478668&CS=1600x1200x24&CW=1600x1200&DU=https%3A%2F%2Fwww.glueckspost.ch%2F&DO=&DV=glueckspostch_de%2Fdesktop_home&IV=202205110726228401478668&DA=Glueckspostch_DE%2FDesktop_Home&NA=&SC=1&DP=-1&CD=visible&DR=https%3A%2F%2Fwww.glueckspost.ch%2F&RDLC=e30%3D&RT=PageView&IZ=0&IL=0&TID=EA-5469564
Requested by: Host: sgqcvfjvr.onet.pl
URL: https://sgqcvfjvr.onet.pl/YnVpbGQvezlza2x0MTMzfWRsQXBpL2RsLmxpYntOTWFzXzEzM30ubWluLmpz
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: 7de69cbfeaa5d87188931bb942786f32c1029b6fdb9c6b05859949f4a475948d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
server: Ring Publishing - Accelerator
vary: Origin
access-control-allow-methods: GET, OPTIONS, POST
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://www.glueckspost.ch
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Origin, Content-Type, DNT, Connection, User-Agent, Accept-Language, Accept-Encoding, Cache-Control, Host, Accept
content-length: 75

GET
H2 204 /
events.ocdn.eu/v2/ 0
401 B 11ms
11ms Image
text/plain 3.33.138.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ocdn.eu/v2/?_et=PerfEvent&_ac=kropka-monitoring&_rt=empty&_gu=202205110926228862106261&_lu=202205110926228862106261&_it=82&RT=PerfEvent&CD=visible&TR=254&TH=263&TI=445&TC=-1&TE=-1&TN=0&TD=46&TADP=1&TE1=14&DA=Glueckspostch_DE%2Fros&TVER=20220504_1341&TIFR=0&DR=&TCT=undefined&NID=5469564&TFLASH=2&TFINI=sgqcvfjvr.onet.pl&NA=&TCVCLS=0&TCVFID=null&TCVFCP=null&TCVLCP=null&RI=2ed69627b651e345&IP=202205110726228166565934&CS=1600x1200x24&CW=1600x1200&DU=https%3A%2F%2Fwww.glueckspost.ch%2F&DV=glueckspostch_de&IV=202205110726228166565934&IZ=0&IL=0&TID=EA-5469564&_ts=1652253982910
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.33.138.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ae6bee98fe393bd2a.awsglobalaccelerator.com
Software: Ring Publishing - Accelerator /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:22 GMT
server: Ring Publishing - Accelerator
vary: Origin
access-control-allow-methods: GET, OPTIONS, POST
p3p: CP="ALL DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, DNT, Connection, User-Agent, Accept-Language, Accept-Encoding, Cache-Control, Host, Accept

GET
H2 200 /
www.google.com/pagead/1p-user-list/966699198/ 42 B
548 B 42ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966699198/?random=1652253982790&cv=9&fst=1652252400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.glueckspost.ch%2F&tiba=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&async=1&fmt=3&is_vtc=1&random=3782120070&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/966699198/ 42 B
548 B 42ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966699198/?random=1652253982790&cv=9&fst=1652252400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.glueckspost.ch%2F&tiba=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&async=1&fmt=3&is_vtc=1&random=3782120070&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 503 B
739 B 110ms
38ms XHR
application/json 52.212.32.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=930932&slot=%7Bid:apn-ad-slot-mr1,ss:%5B300.250,1.1,1.2,1.1%5D,p:-,t:display%7D&slot=%7Bid:apn-ad-slot-hpa1,ss:%5B160.600,120.600,1.1,1.2,1.1%5D,p:-,t:display%7D&slot=%7Bid:apn-ad-slot-wb1,ss:%5B994.250,970.250,800.250,994.118,728.90,1.1,1.2,1.1%5D,p:-,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=47e8d7c1-79a2-9c65-a422-3b72672fcb27&url=https%253A%252F%252Fwww.glueckspost.ch%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.32.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-32-175.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 80eab569322e4ade12a30f0bfe04780dc547167887f14260d68eaec6893f9d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
x-server-name: app09.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.glueckspost.ch
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8821853-1&cid=915999267.1652253983&jid=1861671164&_u=YEBAAAAAAAAAAC~&z=1474103517

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8821853-1&cid=915999267.1652253983&jid=1861671164&_u=YEBAAAAAAAAAAC~&z=1474103517

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/998902956/ 42 B
108 B 19ms
19ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/998902956/?random=1652253982888&cv=9&fst=1652252400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.glueckspost.ch%2F&tiba=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&async=1&fmt=3&is_vtc=1&random=3366015524&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/998902956/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/998902956/?random=1652253982888&cv=9&fst=1652252400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa590&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.glueckspost.ch%2F&tiba=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&async=1&fmt=3&is_vtc=1&random=3366015524&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 stats
api.contentpass.net/ 35 B
292 B 88ms
26ms Image
image/gif 34.78.251.152
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.contentpass.net/stats?cpab=enabled&cpabd=0&cpabid=c1ad8791-2794-4692-880f-c280a84c4173&cpabpm=0&cpabst=0&cpfd=1&cpfm=1&cppid=744fb595&ea=cpda

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.78.251.152 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

152.251.78.34.bc.googleusercontent.com

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
x-content-type-options: nosniff
etag: W/"23-D06SndW7JWT3q5x2M44E4pKkKs4"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-length: 35
x-request-id: 327f70fe68fd32e0142c3d3c24f192f0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1258881101&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.glueckspost.ch%2F&ul=en-us&de=UTF-8&dt=Gl%C3%BCcksPost%20%E2%80%93%20Die%20Frauenzeitschrift%20f%C3%BCr%20Prominenz%20und%20Unterhaltung&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=contentpass&ea=detect-adblock&el=enabled&_u=aEBAAAABAAAAAC~&jid=&gjid=&cid=915999267.1652253983&tid=UA-8821853-1&_gid=1530458789.1652253983&z=2099891087

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 18:48:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45454
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pbfs.gif
tr1.admeira.ch/tagger.opecloud.com/
Redirect Chain

https://tr1.admeira.ch/tr1.admeira.ch/v1/pixel.gif?url=https%3A%2F%2Fwww.glueckspost.ch%2F&ref=&tz=0&screen=1600x1200x24&tref=&cmpstatus=notrequired&tcString=undefined&uspstatus=undefined&e=%5B%7B%...
https://tagger.opecloud.com/tr1.admeira.ch/pcs.gif?puid=5971c0b8-a5f8-4c52-951d-ceb55950c9b8&url=https%3A%2F%2Ftr1.admeira.ch%2Ftagger.opecloud.com%2Fpbfs.gif%3Fsource%3Dtr1.admeira.ch%26state%3D2-...
https://tagger.opecloud.com/tr1.admeira.ch/pcs.gif?puid=5971c0b8-a5f8-4c52-951d-ceb55950c9b8&url=https%3A%2F%2Ftr1.admeira.ch%2Ftagger.opecloud.com%2Fpbfs.gif%3Fsource%3Dtr1.admeira.ch%26state%3D2-...
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dtr1.admeira.ch%26state%3D2-%252FAl1%252F6yTmXXgQtx%252FDoleR3q3I2GkmlrlrVpZ3RePqpWbAEAiFwv9Nha0qXQ...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftagger.opecloud.com%252Fappnexus%252Fpbfs.gif%253Fsource%253Dtr1.admeira.ch%2526state%253D2-%25252FAl1%25252F6yTmXXgQtx%25252FDoleR3q...
https://tagger.opecloud.com/appnexus/pbfs.gif?source=tr1.admeira.ch&state=2-%2FAl1%2F6yTmXXgQtx%2FDoleR3q3I2GkmlrlrVpZ3RePqpWbAEAiFwv9Nha0qXQm7ASP%2B4tSld4Ggg3BAedDMkjzoAZwU%2BoeQht3dIsBeHv2aETyjKf...
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-o4V%2FFMbyXNzuGkMKwX0kU7NKE2%2FsLOD91wxrvi97xMXvH9Wk7wk2zJA5gzACKT%2BkZYlb52XF5chWErvWGBvq91qgPvFN5e9cXHjJ4FW6B%2FdYuk8zFK...
https://tagger.opecloud.com/dbm/opecs.gif?state=2-o4V%2FFMbyXNzuGkMKwX0kU7NKE2%2FsLOD91wxrvi97xMXvH9Wk7wk2zJA5gzACKT%2BkZYlb52XF5chWErvWGBvq91qgPvFN5e9cXHjJ4FW6B%2FdYuk8zFKza2wVl%2Fuvje%2FooA8hg2NL...
https://tr1.admeira.ch/tagger.opecloud.com/pbfs.gif?source=tr1.admeira.ch&state=2-Z3p7hmvjDmIm2nhWy5p%2FFIluUKHO

35 B
211 B

9ms
8ms

Image
image/gif

52.58.169.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr1.admeira.ch/tagger.opecloud.com/pbfs.gif?source=tr1.admeira.ch&state=2-Z3p7hmvjDmIm2nhWy5p%2FFIluUKHO
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H2
Server: 52.58.169.45 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-169-45.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:23 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:23 GMT
content-encoding: gzip
vary: Accept-Encoding
location: https://tr1.admeira.ch/tagger.opecloud.com/pbfs.gif?source=tr1.admeira.ch&state=2-Z3p7hmvjDmIm2nhWy5p%2FFIluUKHO
cache-control: no-cache, no-store, must-revalidate
content-length: 20
expires: 0

GET
H3 200 like.php Show response
www.facebook.com/v2.3/plugins/ Frame 9CEB 35 KB
13 KB 75ms
67ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df55ea72144f1a%26domain%3Dwww.glueckspost.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.glueckspost.ch%252Ff81d2e1e403c6c%26relation%3Dparent.parent&container_width=1004&href=https%3A%2F%2Fwww.facebook.com%2Fglueckspost&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/de_DE/sdk.js?hash=846d196ddeef562a3e24bf25e01b667a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c49e1ec0831ec82fc1785f307379da10a7244d938149de04c1b586f5824825a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.glueckspost.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Wed, 11 May 2022 07:26:23 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v7.0
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 3WtyrbCOLduUGOyC9t8F9Uq6TolHDik4h09cinoYkc3QDPpyyaLSuWQLMoX0rMLmKaK0qgsrifD2Yvbmp8dJbQ==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 horoskop-400x245.jpg
www.glueckspost.ch/wp-content/uploads/2015/05/ 88 KB
89 KB 28ms
28ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2015/05/horoskop-400x245.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 069c7f1a041945ea68cb7613877798801a5a961684122ce4fb28b3ed4098dfc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-result: MISS
content-length: 90530
pragma: public
referrer-policy
last-modified: Wed, 17 Jun 2015 16:59:30 GMT
server: nginx
etag: "161a2-518b99d434080"
vary: Accept-Encoding
x-varnish: 55124175
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 22 Apr 2023 16:03:12 GMT

GET
H2 200 GANZSEITIG_LESERANGEBOT_ZENITH_v1-1-400x245.jpg
www.glueckspost.ch/wp-content/uploads/2022/05/ 129 KB
129 KB 29ms
29ms Image
image/jpeg 104.104.52.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.glueckspost.ch/wp-content/uploads/2022/05/GANZSEITIG_LESERANGEBOT_ZENITH_v1-1-400x245.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.104.52.75 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-104-52-75.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 37c4573b84b959c29686cd07259d1b955b2a07a9de788df1af4c295dd28971dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
grace: none
x-cache-host: c95-varnish-1
x-cache-backend: c95_web_1
x-cache-hits: 1
x-cache-result: HIT
content-length: 131628
pragma: public
referrer-policy
last-modified: Wed, 04 May 2022 13:00:26 GMT
server: nginx
etag: "2022c-5de2f35808e80"
vary: Accept-Encoding
x-varnish: 61367884 54211696
cache-control: max-age=31536000, public
x-cache-cacheable: YES
accept-ranges: bytes
content-type: image/jpeg
expires: Thu, 04 May 2023 13:15:31 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BF5C 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.glueckspost.ch
Referer: https://www.glueckspost.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.glueckspost.ch
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 11 May 2022 07:26:23 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 40 KB
12 KB 218ms
189ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/static/0.41.0/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

8becae9fd905b842ec8cfd48ca6298528d93e4d88a01a61348fe41531dcba967

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.glueckspost.ch/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 11 May 2022 07:26:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 915e18c0-4b85-49a0-b983-b66483d06a86
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.glueckspost.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 9CEB 400 B
658 B 7ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df55ea72144f1a%26domain%3Dwww.glueckspost.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.glueckspost.ch%252Ff81d2e1e403c6c%26relation%3Dparent.parent&container_width=1004&href=https%3A%2F%2Fwww.facebook.com%2Fglueckspost&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: eCo1pctpL48egZtoPq03UxrBRWYU/XK1RnH4ZfoJOjnYmDV30d+53WI9vqp175qo/v4BR5FbOp79B+220k+XEw==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 07 May 2023 04:50:32 GMT

GET
H2 200 aPb06smJhNe.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yM/l/de_DE/ Frame 9CEB 524 KB
137 KB 21ms
6ms XHR
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yM/l/de_DE/aPb06smJhNe.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5411cd2007b743530719c76a60363332c61377611ae2297c69e8cd3c05622a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FYgjNhthm+Qzxzzo/cCAiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139793
x-fb-rlafr: 0
x-fb-debug: +qxSC9h3gTF7CPr0sjUwUa+vxTOTeplLgzWXn2/5kRxSjk3SUtmHY+CPxd0GhFKAoIMw9mLJDMXTAd85QNoEdg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 09 May 2023 17:37:45 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 9CEB 67 B
99 B 38ms
38ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1652253983418&t_start=1652253983418&t_domcontent=1652253983422&t_layout=1652253983453&t_onload=1652253983453&t_paint=1652253983453&t_creport=1652253983453&t_tti=1652253983422&lid=7096376821988927356-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df55ea72144f1a%26domain%3Dwww.glueckspost.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.glueckspost.ch%252Ff81d2e1e403c6c%26relation%3Dparent.parent&container_width=1004&href=https%3A%2F%2Fwww.facebook.com%2Fglueckspost&layout=button_count&locale=de_DE&sdk=joey&share=false&show_faces=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: bL0+eFqHHUJw+rWQmrknJCG7Eod4KYJIXTSVxeV17LWNTTSJCVbajM/sAzXKQ9mAvgq94V7T5omMq342L/8SNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 11 May 2022 07:26:23 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 piggyback.js Show response
cdn.admeira.ch/adtrace/ Frame 0D0D 2 KB
1 KB 7ms
6ms Script
application/javascript 2600:9000:2251:3800:1c:9a5b:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admeira.ch/adtrace/piggyback.js?publisherId=1461601&siteId=4166535&placementId=15138777&placementCode1=Glueckspost.ch_DE_Desktop_Home_MR_1&placementCode2=&auctionId=6934848844924802911&dealId=0&orderId=7143101&campaignId=52694391&lineItemId=17792306&creativeId=356230437&advertiserId=5835695&size=300x250&cb=1075338897
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/static/0.41.0/ast.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:1c:9a5b:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e6a47e526989326ca5e86380a05c3fee177001124f70980b82575d2a7b80c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 14:54:57 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 08:05:58 GMT
server: AmazonS3
age: 59487
etag: W/"df6fbc9509c4e1869ab8be5425e9f1f7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: OTLgHaO4imufh5FXfMs9bG5mXqObEytM2QxvxhKMjrynK9mmWwgUuQ==

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 0D0D 85 KB
29 KB 33ms
6ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/static/0.41.0/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 07:26:23 GMT
Content-Encoding: gzip
Age: 6560872
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21974-LGA, cache-hhn4055-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1652253984.680142,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 386514, 5469732

GET
H/1.1 200
OK mediation.js Show response
acdn.adnxs-simple.com/ast/mediation/0.41.0/ Frame D239 22 KB
8 KB 81ms
21ms Script
application/javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/ast/mediation/0.41.0/mediation.js
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57812aba195a00de9f60a416892d55fb1c68a0d4cafc17983616a6fe039f6562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 07:26:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Sep 2021 17:11:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61534cca-576c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 7395
Expires: Thu, 12 May 2022 07:26:25 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ 0
813 B 52ms
13ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.glueckspost.ch%2F&e=wqT_3QKyCqAyBQAAAwDWAAUBCJ_K7ZMGEN-ulaaDieKeYBjJhe_Bv9LxgBMqNgkAAAkCABEJBywAABkAAABgj8IXQCEREgApEQkAMQEb9EgBZmYIQDDZ_5sHONpHQNpHSAJQpcruqQFYoexuYABoppuIAXjhjgWAAQGKAQNVU0SSAQNDSEaYAawCoAH6AagBAbABALgBAcABBMgBAtABANgBAOABAPABAPoBI0dsdWVja3Nwb3N0LmNoX0RFX0Rlc2t0b3BfSG9tZV9NUl8xigJZdWYoJ2EnLCA1ODM1Njk1LCAxNjUyMjUzOTgzKTt1ZignaScsIDcxNDMxMDEsIDE2NTIyNTM5ODMpO3VmKCdyJywgMzU2MjMwNDM3LCAxNjUyMjUzOTgzKTuSAvUDIWJWS0RPUWozbXBBWkVLWEs3cWtCR0FBZ29leHVNQU00QUVBRVNOcEhVTm5fbXdkWUFHQ1JCV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQXFnQkE3QUJBTGtCQUFBQUFBQUFBQURCQVEJCgEB2HlRRmVoZTk4OWQ3OVA5a0J5NXd1aTRuTjd6X2dBYjM5c3dQMUFRQUFBQUNZQWdDZ0FnQzFBZ0EBEAQ5QQUI8ExEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRd01ESGdBNlV1Z0FRQWlBUUFrQVFBbUFRQndRUQGTCQEITWtFCQkBARhEWUJBRHhCAQsNARxpQVdoSDZrRhmwCC14QgWoCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKACoT0FGQVBBRnN2cTlDUGdGcjVma0FvSUdBME5JUm9nR0FKQUdBNWdHQUtFRwlMNEFBOEQtb0JnR3lCaVFKERQMQUFBUgEFDQEAWg0IAQEAaAEFCQFEQzRCaHcumgKZASFWQlM1OHdqNvkBKEtIc2JpQUVLQUF4CTEBbYA4NkNVRk5VekU2TkRBd01VQ2xMa25MbkM2TGljM3ZQMUURKwxBQUZrGQwARx0YAEcdGABIHRgQSGdBaVEdEHBBLi7YAu-hAeAC2N5H6gIbaHR0cHM6Ly93d3cuZzIuA_CqL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_j1pgHgAwDoAwD4AwGABACSBAYvdXQvdjOYBAKiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOOTE3OCNBTVMxOjQwMDHaBAIIAeAEAfAEpcruqQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAiU9o2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGCSEo8D_QBqsv2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADjEBkAAyAfhjgXSBw0JEToBOAjaBwYJJ0DgBwDqBwIIAPAHjm2KCAIQAA..&s=7d1ca83da1c8d514706538a71213fc8356a9c617

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:23 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b24af543-89b8-42ec-9a64-64a38d6592be
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 5B55 47 KB
13 KB 85ms
31ms Script
application/javascript 52.212.32.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=930932&campId=300x250&pubId=Glueckspost.ch_DE&chanId=Glueckspost.ch_DE_Desktop_Home_MR_1&placementId=0&pubCreative=356230437&pubOrder=0&custom=1&custom2=&custom3=&cb=1652253983651&adsafe_par&impId=a8dfa34a-d0fb-11ec-ad44-0a6c212fcb7f
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.32.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-32-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7c70b2362ed9d75fd8b2323fff556ae1b0efe6791c03697e8e2adc5f2fe846b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:23 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6367 52 KB
17 KB 25ms
25ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9178&pub_id=1461601
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.glueckspost.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 11 May 2022 07:26:23 GMT
ETag: "623de86a-cf34"
Expires: Thu, 12 May 2022 07:26:25 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 0D0D 0
813 B 36ms
13ms Script
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.glueckspost.ch%2F&e=wqT_3QLyEKByCAAAAwDWAAUBCJ_K7ZMGEN-ulaaDieKeYBjJhe_Bv9LxgBMqNgkAAAkCABEJBywAABkAAABgj8IXQCEREgApEQkAMQEb9EgBZmYIQDDZ_5sHONpHQNpHSAJQpcruqQFYoexuYABoppuIAXjhjgWAAQGKAQNVU0SSAQNDSEaYAawCoAH6AagBAbABALgBAcABBMgBAtABANgBAOABAPABAPoBI0dsdWVja3Nwb3N0LmNoX0RFX0Rlc2t0b3BfSG9tZV9NUl8xigJZdWYoJ2EnLCA1ODM1Njk1LCAxNjUyMjUzOTgzKTt1ZignaScsIDcxNDMxMDEsIDE2NTIyNTM5ODMpO3VmKCdyJywgMzU2MjMwNDM3LCAxNjUyMjUzOTgzKTuSAvUDIWJWS0RPUWozbXBBWkVLWEs3cWtCR0FBZ29leHVNQU00QUVBRVNOcEhVTm5fbXdkWUFHQ1JCV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQXFnQkE3QUJBTGtCQUFBQUFBQUFBQURCQVEJCgEB2HlRRmVoZTk4OWQ3OVA5a0J5NXd1aTRuTjd6X2dBYjM5c3dQMUFRQUFBQUNZQWdDZ0FnQzFBZ0EBEAQ5QQUI8ExEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRd01ESGdBNlV1Z0FRQWlBUUFrQVFBbUFRQndRUQGTCQEITWtFCQkBARhEWUJBRHhCAQsNARxpQVdoSDZrRhmwCC14QgWoCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKACoT0FGQVBBRnN2cTlDUGdGcjVma0FvSUdBME5JUm9nR0FKQUdBNWdHQUtFRwlMNEFBOEQtb0JnR3lCaVFKERQMQUFBUgEFDQEAWg0IAQEAaAEFCQFEQzRCaHcumgKZASFWQlM1OHdqNvkBKEtIc2JpQUVLQUF4CTEBbXw4NkNVRk5VekU2TkRBd01VQ2xMa25MbkM2TGljM3ZQMT00BEZrETcIQUFHHRgARx0YAEgdGBBIZ0FpUR0QcEEuLtgC76EB4ALY3kfqAhtodHRwczovL3d3dy5nMi4DQC_yAhEKBkFEVl9JRBIHNTgzYRwc8gISCgZDUEcBFCAIMTc3OTIzMDYBKQgFQ1AFFDA1MjY5NDM5MfICDQoIAT0YRlJFURIBMAUQHFJFTV9VU0VSBRAAEwkgRENPREUSBzEwMTQ5NjDyAhQKCAFfBRY8CEdUMTczODUz8gILCgdDUAkWHADyAhAKBUlPAW8cBzcxNDMxMDEBlwgHSU8JIWAHR1QzNjg2NPICEwoPQ1VTVE9NX01PREVMATIUAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3wgQEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgD-PWmAeADAOgDAPgDAYAEAJIEBi91dC92M5gEAqIEDDIxNy42NC4xNTEuM6gEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA45MTc4I0FNUzE6NDAwMdoEAggB4AQB8ASlKiCIBQGYBQCgBf8RARQBwAUAyQWpZRTwP9IFCQkJDHQAANgFAeAFAeoFEwoHSUFTX2dybRIINDAsNTAsNjABFiwIcGxhdGZvcm0SB0SpKmzqBQgKA3VhYxIBMeoFHgoJcHVibGlzaGVyEhFHMjACFF9EReoFEglYZHZpbxIHdmVyeUxvd-oFFwoHc2VjdGlvbhIMDVYQX0hvbWUVLwhoYXQdLwguCgYBnPBVaWQSJGE4ZGZhMzRhLWQwZmItMTFlYy1hZDQ0LTBhNmMyMTJmY2I3ZuoFDwoHdmhlaWdodBIEMTIwMOoFFwoEcHRpZBIPYXBuLWFkLXNsb3QtbXIx6gUNoQRhZC5yAJAhCgQxcHhzEhk1dix2dyw1eCx0LDVpLDltLGJpLGg2LDZk6gUSCZYEdncuMQEAEgnvCGRyZx3AERUEbG0dFQAIBWMIdBIAFfUIYWxjHSAsHQoHdXJscGF0aBISRowDQOoFDgoGdndpZHRoEgQxNjAwJZYIcG9zJZYNcQhvZmYdUQgOCgYhyAxhdBIEwedk6gUUCghwYWdldHlwZRIIb3ZlcnZpZXfqBQ8J2HRmchIFZmFsc2XwBQH6BQQIABAAkAYAmAYAuAYAwQZJPyjwP9AGqy_aBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUgIGAAgQdAsxAZAAMgH4Y4F0gcNVZABOAjaBwYJJ0DgBwDqBwIIAPAHjm2KCAIQAA..&s=5e2815f4aa4e207277118cf585da903bf9d4f125&bdref=https%3A%2F%2Fwww.glueckspost.ch%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.glueckspost.ch%2F,https%3A%2F%2Fwww.glueckspost.ch%2F&

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:23 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3ef20b0c-fee8-4247-ae66-da22f45ddab1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6367 0
741 B 32ms
32ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=9178&pub_id=1461601&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9178&pub_id=1461601

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:23 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 996d5d89-aa47-443f-a4c5-0e09eedbf0b9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 0D0D 0
838 B 26ms
25ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.glueckspost.ch%2F&e=wqT_3QKyCqAyBQAAAwDWAAUBCJ_K7ZMGEN-ulaaDieKeYBjJhe_Bv9LxgBMqNgkAAAkCABEJBywAABkAAABgj8IXQCEREgApEQkAMQEb9EgBZmYIQDDZ_5sHONpHQNpHSAJQpcruqQFYoexuYABoppuIAXjhjgWAAQGKAQNVU0SSAQNDSEaYAawCoAH6AagBAbABALgBAcABBMgBAtABANgBAOABAPABAPoBI0dsdWVja3Nwb3N0LmNoX0RFX0Rlc2t0b3BfSG9tZV9NUl8xigJZdWYoJ2EnLCA1ODM1Njk1LCAxNjUyMjUzOTgzKTt1ZignaScsIDcxNDMxMDEsIDE2NTIyNTM5ODMpO3VmKCdyJywgMzU2MjMwNDM3LCAxNjUyMjUzOTgzKTuSAvUDIWJWS0RPUWozbXBBWkVLWEs3cWtCR0FBZ29leHVNQU00QUVBRVNOcEhVTm5fbXdkWUFHQ1JCV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQXFnQkE3QUJBTGtCQUFBQUFBQUFBQURCQVEJCgEB2HlRRmVoZTk4OWQ3OVA5a0J5NXd1aTRuTjd6X2dBYjM5c3dQMUFRQUFBQUNZQWdDZ0FnQzFBZ0EBEAQ5QQUI8ExEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRd01ESGdBNlV1Z0FRQWlBUUFrQVFBbUFRQndRUQGTCQEITWtFCQkBARhEWUJBRHhCAQsNARxpQVdoSDZrRhmwCC14QgWoCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKACoT0FGQVBBRnN2cTlDUGdGcjVma0FvSUdBME5JUm9nR0FKQUdBNWdHQUtFRwlMNEFBOEQtb0JnR3lCaVFKERQMQUFBUgEFDQEAWg0IAQEAaAEFCQFEQzRCaHcumgKZASFWQlM1OHdqNvkBKEtIc2JpQUVLQUF4CTEBbYA4NkNVRk5VekU2TkRBd01VQ2xMa25MbkM2TGljM3ZQMUURKwxBQUZrGQwARx0YAEcdGABIHRgQSGdBaVEdEHBBLi7YAu-hAeAC2N5H6gIbaHR0cHM6Ly93d3cuZzIuA_CqL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_j1pgHgAwDoAwD4AwGABACSBAYvdXQvdjOYBAKiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOOTE3OCNBTVMxOjQwMDHaBAIIAeAEAfAEpcruqQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAiU9o2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGCSEo8D_QBqsv2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADjEBkAAyAfhjgXSBw0JEToBOAjaBwYJJ0DgBwDqBwIIAPAHjm2KCAIQAA..&s=7d1ca83da1c8d514706538a71213fc8356a9c617&type=nv&nvt=5&jm=1003&sid=3731166301615215535&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15138777&sw=1600&sh=1200&pw=1600&ph=2521&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:23 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ec77736d-3deb-49c1-b96e-aee4415126d3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.glueckspost.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 00bfbd1a-06e1-4c50-8bf0-62a6cd6c5728.png
crcdn01.adnxs-simple.com/creative/p/9178/2022/4/28/35028817/ Frame 0D0D 817 KB
818 KB 118ms
17ms Image
image/png 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/9178/2022/4/28/35028817/00bfbd1a-06e1-4c50-8bf0-62a6cd6c5728.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 7eaebf83989a77dc9ff39772b8b872a48c86478cbe26e6b96b3266f4fdb3ce9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 07:26:23 GMT
Last-Modified: Thu, 28 Apr 2022 13:18:41 GMT
Server: nginx/1.21.3
x-amz-request-id: 058e6ba9-688b-4c55-b58c-0accb3318a50
X-Clv-Request-Id: 058e6ba9-688b-4c55-b58c-0accb3318a50
ETag: "42457154a066353ed716c09323fe381a"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 837018
Expires: Sat, 25 Jun 2022 07:26:23 GMT

GET
H/1.1 200
OK 61bbd78e-016f-441e-a29d-d792e4722315.png
crcdn01.adnxs-simple.com/creative/p/9178/2022/4/28/35028827/ Frame 0D0D 3 KB
4 KB 117ms
16ms Image
image/png 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/9178/2022/4/28/35028827/61bbd78e-016f-441e-a29d-d792e4722315.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 301d7e71cc6c2bff6c97805698c57750eccfa99e58a2a152524db9241ef3c240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 07:26:23 GMT
Last-Modified: Thu, 28 Apr 2022 13:18:59 GMT
Server: nginx/1.21.3
x-amz-request-id: d8246a6c-475c-4583-be6b-c4774cbf0584
X-Clv-Request-Id: d8246a6c-475c-4583-be6b-c4774cbf0584
ETag: "2d064c11fecbe2efccca5bbff0a2ffa7"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3575
Expires: Sat, 25 Jun 2022 07:26:23 GMT

GET
H/1.1 200
OK log_req
ams1-ib.adnxs.com/mediation/v2/ Frame D239 0
813 B 19ms
18ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/mediation/v2/log_req?info=MQAAAAMABQEFAQifyu2TBhCvrP7xjui6tQoY2kchNPlmmxtjKEAo4oblWzBWOABAAA..&s=741197a4fed1a1a704b158e6a7c5cfa81ed49f2d

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:23 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2dfd90f2-abdf-4443-a96a-d6b8bb48a830
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 mediation.js Show response
cdn.admeira.ch/adtrace/ Frame 7319 7 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:2251:3800:1c:9a5b:a1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admeira.ch/adtrace/mediation.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/mediation/0.41.0/mediation.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:3800:1c:9a5b:a1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b2d05aa25c4c91244f1734cdf9dde3689f9b0e9e3dde3599793d30f30aa888b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 14:55:06 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 08:56:52 GMT
server: AmazonS3
age: 59478
etag: W/"a1b962d7184906824cc0ba676bc28ae4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: 72LS6oiaB4fnMe5SF6xsFOOIDpxgCiQHzfR_POtSF9Yl83Q2GhgN1Q==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7319 81 KB
28 KB 46ms
19ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admeira.ch
URL: https://cdn.admeira.ch/adtrace/mediation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

e85f103cf2532c50e5150c37f69cded8f2e3bc198d84b3f85773602634da6027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28362
x-xss-protection: 0
server: sffe
etag: "1211 / 517 of 1000 / last-modified: 1652220326"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 11 May 2022 07:26:23 GMT

GET
H2 200 main.gr.19.8.309.js Show response
static.adsafeprotected.com/ Frame 5B55 191 KB
61 KB 85ms
6ms Script
application/javascript 2600:9000:2491:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.309.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930932&campId=300x250&pubId=Glueckspost.ch_DE&chanId=Glueckspost.ch_DE_Desktop_Home_MR_1&placementId=0&pubCreative=356230437&pubOrder=0&custom=1&custom2=&custom3=&cb=1652253983651&adsafe_par&impId=a8dfa34a-d0fb-11ec-ad44-0a6c212fcb7f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 05 May 2022 20:42:44 GMT
content-encoding: gzip
age: 470620
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 May 2022 17:31:51 GMT
server: AmazonS3
etag: W/"25d0c2239b60642eaeddad303e621bd4"
vary: Accept-Encoding
x-amz-version-id: mjEd7PtHn1L574wGfHZ2vjRyhTR.v7IU
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: VPztVsbPr6htZh6my7vm90wv3KVywYNDxWsE1HgSgsyK4TiDYJ_Vkw==

GET
H3 200 pubads_impl_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7319 368 KB
125 KB 22ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:16:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127685
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 11 May 2023 07:16:27 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 14A5 80 KB
21 KB 7ms
6ms Script
application/javascript 2600:9000:2491:4800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:4800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 7320500
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: pBHYMJmmgSc7COwKpvBasvS3rSI69VWGTuQEZrvH8Xnj5iqqwAP5ZQ==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 31ms
31ms Image
image/gif 52.212.32.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=930932&campId=300x250&pubId=Glueckspost.ch_DE&chanId=Glueckspost.ch_DE_Desktop_Home_MR_1&placementId=0&pubCreative=356230437&pubOrder=0&custom=1&custom2=&custom3=&cb=1652253983651&adsafe_par&impId=a8dfa34a-d0fb-11ec-ad44-0a6c212fcb7f&adsafe_url=https%3A%2F%2Fwww.glueckspost.ch%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:44b0303e-8b5b-cccb-cf23-ab70b6b16c1a,c:chWI0M,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-58499bf7cc-rx26g,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:991.584.300.250,am:i,cc:991.584.300.250,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:106,fm:t5vzkKV+11%7C12*.930932%7C121%7C122%7C131,idMap:12*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:123,oid:a94ce489-d0fb-11ec-9d7b-0278f4eff0b3,v:19.8.309,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.32.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-32-175.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:23 GMT
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 510ms
160ms Image
image/gif 2600:1f13:800:7780:5169:8668:b8ea:b057
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930932&asId=44b0303e-8b5b-cccb-cf23-ab70b6b16c1a&tv=%7Bc:chWI12,pingTime:0,time:139,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:140,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:991.584.300.250,am:i,cc:991.584.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B30~100%5D,as:%5B30~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:t5vzkKV+11%7C12*.930932%7C121%7C122%7C131,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5169:8668:b8ea:b057 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:24 GMT
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7319 107 B
792 B 38ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.glueckspost.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 May 2022 07:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7319 107 B
549 B 39ms
18ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.glueckspost.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 May 2022 07:26:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7319 50 KB
12 KB 393ms
393ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2516272100085041&correlator=390203081638801&eid=31065643&output=ldjh&gdfp_req=1&vrg=2022050501&ptt=17&impl=fifs&iu_parts=21823152020%2CGlueckspost.ch_DE%2CDesktop_Home&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=994x250%7C970x250%7C800x250%7C994x118%7C728x90%7C1x1%7C1x1&ifi=1&adks=627127390&sfv=1-0-38&ecs=20220511&fsapi=false&prev_scp=publisher%3DGlueckspost.ch_DE%26section%3DDesktop_Home%26platform%3DDesktop%26format%3DWB_1%26price%3D0.2%26pos%3D1%26pagetype%3Doverview%26admurlpath%3Dwww.glueckspost.ch&sc=1&cookie_enabled=1&cdm=www.glueckspost.ch&abxe=1&dt=1652253983951&lmt=1652253983&dlt=1652253983756&idt=174&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=lx06daoobc6l&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Fwww.glueckspost.ch%2F&top=https%3A%2F%2Fwww.glueckspost.ch%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=915999267.1652253983&ga_sid=1652253984&ga_hid=2057251352&ga_fc=true&btvi=-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

10d113ba25469d41aa6510734565fb766766cb460ce51c143432644c106fcc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11953
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.glueckspost.ch
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fabaa99cf662c6e93e6bd95cf205526a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4D9 6 KB
4 KB 72ms
16ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fabaa99cf662c6e93e6bd95cf205526a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.glueckspost.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 May 2022 07:26:24 GMT
expires: Thu, 11 May 2023 07:26:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 466ms
161ms Image
image/gif 2600:1f13:800:7780:5169:8668:b8ea:b057
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930932&asId=44b0303e-8b5b-cccb-cf23-ab70b6b16c1a&tv=%7Bc:chWI1M,pingTime:-2,time:185,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:129,beZ:130,mfA:235,cmA:237,inA:237,inZ:242,prA:242,prZ:246,si:252,poA:252,poZ:265,cmZ:265,mfZ:265,loA:269,loZ:271,ltA:314,ltZ:314%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.300,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:185,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:991.584.300.250,am:i,cc:991.584.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B75~100%5D,as:%5B75~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:t5vzkKV+11%7C12*.930932%7C121%7C122%7C131,idMap:12*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:%5Butif_apn-ad-slot-mr1_9404681d-ad9c-415a-b108-b21a6a5c373d,div_utif_apn-ad-slot-mr1,apn-ad-slot-mr1,dp-ad-3,main%5D,sinceFw:61,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5169:8668:b8ea:b057 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:24 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7319 14 KB
11 KB 42ms
20ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7341190a25babb46f77a2d79dd84938dd73d2045c050d9a3304269aaeee79649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 May 2022 07:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10610
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7319 17 KB
7 KB 58ms
37ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 May 2022 07:26:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5F9 13 KB
5 KB 22ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.glueckspost.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 11 May 2022 07:13:02 GMT
expires: Thu, 11 May 2023 07:13:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C8D8 783 B
535 B 32ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b7dc5fdfa680147b7a2d8772980893ff48bbe69c2cfddbdfe90a37d41efc895a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Oa0KLxJD0vVwQXOqXSu1bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.glueckspost.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Oa0KLxJD0vVwQXOqXSu1bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 11 May 2022 07:26:24 GMT
expires: Wed, 11 May 2022 07:26:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js Show response
pagead2.googlesyndication.com/bg/ Frame A5F9 35 KB
13 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/87D0VuGGyd8o4x1zT1VlOmQj8xrGMl1xcSeEyGhgSwY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 07:35:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13472
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 07:35:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C8D8 0
0 49ms
47ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050501&jk=2516272100085041&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 162ms
161ms Image
image/gif 2600:1f13:800:7780:5169:8668:b8ea:b057
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930932&asId=44b0303e-8b5b-cccb-cf23-ab70b6b16c1a&tv=%7Bc:chWI6M,pingTime:-10,time:495,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDEuMC40OTUxLjY0IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1652253984276%7C%7Ce8331fca0a46242046466b99f9d41cb4%7C%7C20974fba76ac68d3b08560343ae2118a%7C%7C2b049e6b1871f1ff06fb74b71d3fc560%7C%7Cc7e6eb3f0125fc76f4aac0ea0882105d%7C%7C49ffcf732dd26922af8f5030e2161478%7C%7C283a3970662fcdb1a167be09e5e36720%7C%7Ccf451f3785161c64cbf11f58c0fedf0f%7C%7C1629390669%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5169:8668:b8ea:b057 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:24 GMT
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A5F9 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TzXdOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 07:26:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032204292129000/ Frame D3E6 220 KB
60 KB 50ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032204292129000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe01d4f50dbeac0bd102f282f57fd8a0683ef03c239e10097b347c2ecfa14a43

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 483535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61317
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 17:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2b0fb0265538f0e4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 17:07:29 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032204292129000/v0/ Frame D3E6 14 KB
6 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032204292129000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 483535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5188
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 17:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "176361d496ccc411"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 17:07:29 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032204292129000/v0/ Frame D3E6 94 KB
28 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032204292129000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 483535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 17:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4b15b3c971f95798"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 17:07:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032204292129000/v0/ Frame D3E6 5 KB
2 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032204292129000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 483535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 17:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a2652581fdabc981"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 17:07:29 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032204292129000/v0/ Frame D3E6 40 KB
13 KB 59ms
18ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032204292129000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 483535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12953
x-xss-protection: 0
server: sffe
date: Thu, 05 May 2022 17:07:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8a2450dae6a66803"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 05 May 2023 17:07:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D3E6 8 KB
1 KB 38ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 May 2022 07:24:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 11 May 2022 07:26:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 May 2022 07:26:24 GMT

GET
H3 200 de.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D3E6 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/de.png

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 18:59:49 GMT
x-content-type-options: nosniff
server: cafe
age: 44795
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6601037253665971276
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2958
x-xss-protection: 0
expires: Wed, 11 May 2022 18:59:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D3E6 295 B
319 B 7ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 6170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 12 May 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D3E6 0
0 15ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpMuVRkLjiJueDssJ8dmCrhsHQyqCwfAO1-kmljdKcNX-5EU4rRQYan6b8FDjggwLRUb0jCPJDYVbcN8A-bQz6RyQFUQ
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D3E6 0
0 49ms
49ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyFqcH2V7YrrqPLS5lQfcjoaQD8Pj2_pplcWTxdcPm7-m6NQOEAEgifqVdWCVgoCAlAegAajfgPUCyAEBqQJrWt1WQq6xPuACAKgDAcgDCqoE-QFP0DGuXRPpWOY_SddHqJplyBHPUtZdtsbq-sVdqSXIg0KnkQnrY2UjGLmr3XHM8-mgpEGU1_P_cr8QSWwrrKGgs5cjfB3u6bJ1zPajiA5dk6fZ1gPvo5NpCd7NA9He7scN1A6Sc6L6uS47iR9s0Ed4SM74OimaaBx8vxazJDEsd6A0HKd9nE0LFqaY6XnHXY2ocx2MAJZtDx311JbchjiB-EWG9MgpZkq5C7ozX1FXV3LVQsQg8eSooV-6zsXrhlWfc_NW11ow8BrwqWa8nb4M51cSBlgnsvQFa66_49HxuRfhroM6upN6nKGDzS5mv8dTfIObItf1lMfABLul3rLjA-AEAZIFBAgEGAGSBQQIBRgEoAZmgAfAoP-KAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKuvdtIICQiA4YAQEAEYHYAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi03NTU0MDY1MzcxMjU1MzI3GODacA&sigh=YODaWmYe0OM&uach_m=[UACH]
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D3E6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b3ecc1abc7d2f2a2805ed4ec5ff1b8121786084708d96dfee45a744d1b928ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame D3E6 28 KB
28 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.glueckspost.ch
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 33257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 May 2023 22:12:07 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D3E6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

54ms
54ms

Image
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.glueckspost.ch
URL: https://www.glueckspost.ch/
Protocol: H3
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Redirect headers

date: Wed, 11 May 2022 07:26:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6367 0
741 B 18ms
17ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=9178&pub_id=1461601&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9178&pub_id=1461601

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:24 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4fa8e99b-5e2c-41ae-afe0-e9cbee441a73
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 0D0D 0
838 B 15ms
14ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.glueckspost.ch%2F&e=wqT_3QKyCqAyBQAAAwDWAAUBCJ_K7ZMGEN-ulaaDieKeYBjJhe_Bv9LxgBMqNgkAAAkCABEJBywAABkAAABgj8IXQCEREgApEQkAMQEb9EgBZmYIQDDZ_5sHONpHQNpHSAJQpcruqQFYoexuYABoppuIAXjhjgWAAQGKAQNVU0SSAQNDSEaYAawCoAH6AagBAbABALgBAcABBMgBAtABANgBAOABAPABAPoBI0dsdWVja3Nwb3N0LmNoX0RFX0Rlc2t0b3BfSG9tZV9NUl8xigJZdWYoJ2EnLCA1ODM1Njk1LCAxNjUyMjUzOTgzKTt1ZignaScsIDcxNDMxMDEsIDE2NTIyNTM5ODMpO3VmKCdyJywgMzU2MjMwNDM3LCAxNjUyMjUzOTgzKTuSAvUDIWJWS0RPUWozbXBBWkVLWEs3cWtCR0FBZ29leHVNQU00QUVBRVNOcEhVTm5fbXdkWUFHQ1JCV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQXFnQkE3QUJBTGtCQUFBQUFBQUFBQURCQVEJCgEB2HlRRmVoZTk4OWQ3OVA5a0J5NXd1aTRuTjd6X2dBYjM5c3dQMUFRQUFBQUNZQWdDZ0FnQzFBZ0EBEAQ5QQUI8ExEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnQ0FBd0dZQXdHNkF3bEJUVk14T2pRd01ESGdBNlV1Z0FRQWlBUUFrQVFBbUFRQndRUQGTCQEITWtFCQkBARhEWUJBRHhCAQsNARxpQVdoSDZrRhmwCC14QgWoCQEId1FVCQkBAQhNa0YBBwkBBERSLigAADIuKACoT0FGQVBBRnN2cTlDUGdGcjVma0FvSUdBME5JUm9nR0FKQUdBNWdHQUtFRwlMNEFBOEQtb0JnR3lCaVFKERQMQUFBUgEFDQEAWg0IAQEAaAEFCQFEQzRCaHcumgKZASFWQlM1OHdqNvkBKEtIc2JpQUVLQUF4CTEBbYA4NkNVRk5VekU2TkRBd01VQ2xMa25MbkM2TGljM3ZQMUURKwxBQUZrGQwARx0YAEcdGABIHRgQSGdBaVEdEHBBLi7YAu-hAeAC2N5H6gIbaHR0cHM6Ly93d3cuZzIuA_CqL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA_j1pgHgAwDoAwD4AwGABACSBAYvdXQvdjOYBAKiBAwyMTcuNjQuMTUxLjOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOOTE3OCNBTVMxOjQwMDHaBAIIAeAEAfAEpcruqQGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAiU9o2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGCSEo8D_QBqsv2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADjEBkAAyAfhjgXSBw0JEToBOAjaBwYJJ0DgBwDqBwIIAPAHjm2KCAIQAA..&s=7d1ca83da1c8d514706538a71213fc8356a9c617&type=pv&jm=1003&px=992&py=584&bw=300&bh=300&sf=0.83&sid=3731166301615215535&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15138777&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:24 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ae874b90-2c6f-4188-9afd-4fd7d45bf494
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.glueckspost.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7319 0
0 51ms
50ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050501&jk=2516272100085041&bg=!7O-l76vNAAZX5TVhd-U7ACkAdvg8Wl5a2FDnbwYfLN9kHUHI5WJX3AF0Y6mvQQCI7QDBvsYpVdk9RQIAAABsUgAAAAZoAQeZAuJI8UGSG4I60PNbC91olGxuFMNMppb9XbGCYv3hi9oNftpZ_sK4DFwrQXQuJrHN14ZgYqjkkhvlaDbHUKnv8QidBLrL8LdJ3Y6VdVa6TzLnei4LfZHiR9RtoFm2aR3K7eaCcK3FJkOdtgosC3K-vWVYlZwzOuX1MS1wPmXxm77TWEnTnkS6nzDEAHS5cbxTu8pqw1rvCguyECdYIHSvJVDmFL0NjJgILsSSTrZVU-8rSptBCAgTwu__3DBsNccpT382sXWIUeSQ40IVldGVQGsDljz_MZmSQsBSDAeNUDY9sXje7u1lhVpqzL19gzepcZkvpqhDgSREMscADLJBtLqjfc72ZjWDxouPeL3Jv3lIAhiVCNM1pz66AGnymswfDXxG5A3QQ-_dzRDo6NdfBuPesQApSIiFRG5pzrLv0zKfRZHdCL2iUDNgRjZNc56p9Ea22Df-s1jwpGFtnyqRDWtc2ZnT0lrRPkigHGX8ydGUNGjZfrc2i-m6c9jtwpOeB6gyxI2spIUSRYRyM2g2OmLlx2zObnZ1lUVRI553f3w9vbalktHqxGoDpFVtKu9dRjuR_FUp0HoLZMiVWDoWiKR-OpGg09P3G1qY5pE2RQZgeblFSPD1EItX9FNUe0VR4kYVuE9H6_kCOWbdngHoYWeH4jMCdMaNXQfFOi0wDBXuOVINxvkqQsQgjkRm1W2ZQEYcsTBkE9RnfhUoqi8Nwd9bDSzkz_Mm1AY1LK0HGSlgYJtS38gPOjDS-HaIci2mMPj9t8Uws6-wujPyW_gXG569YytkEGNxsj6m3ONlmgodv6jOPskHIpeiiul7swu9IqPI-eZaZ38ZL5EzcmEn-gjPosbuqpMPxqtnJaEUPcpAytm7dwloHytQwThLwrhG8BFlQqL4xTScKxMS_c7OL5P7Xlf3l0JCmxq-Q_D2yH7yXTPwLT7yAZfpUcjI25Q-AiVJvYrXrRqtCsc3ABJzXc9jAWU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 163ms
162ms Image
image/gif 2600:1f13:800:7780:5169:8668:b8ea:b057
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930932&asId=44b0303e-8b5b-cccb-cf23-ab70b6b16c1a&tv=%7Bc:chWIhc,pingTime:1,time:1141,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1141,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:991.584.300.250,am:i,cc:991.584.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1031~100%5D,as:%5B1031~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:192,fm:t5vzkKV+11%7C12*.930932%7C121%7C122%7C131,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5169:8668:b8ea:b057 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:25 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 161ms
160ms Image
image/gif 2600:1f13:800:7780:5169:8668:b8ea:b057
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930932&asId=44b0303e-8b5b-cccb-cf23-ab70b6b16c1a&tv=%7Bc:chWIhd,pingTime:1,time:1142,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1142,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:991.584.300.250,am:i,cc:991.584.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:192,fm:t5vzkKV+11%7C12*.930932%7C121%7C122%7C131,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5169:8668:b8ea:b057 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:25 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 162ms
161ms Image
image/gif 2600:1f13:800:7780:5169:8668:b8ea:b057
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930932&asId=44b0303e-8b5b-cccb-cf23-ab70b6b16c1a&tv=%7Bc:chWIhd,pingTime:1,time:1142,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:122%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1142,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:122,wc:0.0.1600.1200,ac:991.584.300.250,am:i,cc:991.584.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:192,fm:t5vzkKV+11%7C12*.930932%7C121%7C122%7C131,idMap:12*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:5169:8668:b8ea:b057 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:25 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D3E6 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbQXjxvB-K2W9ovYb7ZCBrsCVLZTa_2nG63ErcVFCvpmKX9qBmky98ZhF86R7qAD39iRcMDEgVJddM1wsm_KIw2qZYx_auHbfdgohqBS7qjJEZKNUf1hQj2qJK&sai=AMfl-YQk7AMa-S7wYBSkmQf6W0DYKSXZ_81cphpPksbi3MlGzCy8fgfp7rzhRF6XJocKpckcJdMrhO46T7Bvuy5ziPf_GvDHLwwkZI9luuc0RaxMX1-EkLVpMT9uL1eU&sig=Cg0ArKJSzI1r-bCAdVU7EAE&cid=CAASF-RoHe83Ek8GJI45iAAJ3ZtL28SfUGYw&id=ampim&o=303,95&d=994,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=137&tls=1137&g=100&h=100&tt=1137&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=627127390

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 May 2022 07:26:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 7319 85 KB
29 KB 7ms
6ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/ast/mediation/0.41.0/mediation.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 11 May 2022 07:26:27 GMT
Content-Encoding: gzip
Age: 6560876
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21974-LGA, cache-hhn4055-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1652253987.046934,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 386514, 5469747

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame D239 0
813 B 24ms
23ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.glueckspost.ch%2F&e=wqT_3QKBCvBDAQUAAAMA1gAFAQifyu2TBhCvrP7xjui6tQoYyYXvwb_S8YATKjYJNPlmmxtjKEARNPlmmxtjKEAZAAAAoJlZMEAhNPkJGwApEST0aQExAAAAwMzMH0Aw1_-bBzjaR0DaR0gCUOKG5VtYoexuYABoppuIAXjhjgWAAQGKAQNVU0SSAQNDSEaYAeIHoAH6AagBBrABALgBAcABBMgBAtABANgBAOABAPABAPoBI0dsdWVja3Nwb3N0LmNoX0RFX0Rlc2t0b3BfSG9tZV9XQl8xigI8dWYoJ2EnLCAyNTQ3MDE2LCAxNjUyMjUzOTgzKTt1ZigncicsIDE5MjQ5NjQ4MiwgMTY1MjI1Mzk4Myk7kgLlAyFvRV9iVEFpSm1ZOFJFT0tHNVZzWUFDQ2g3RzR3QURnQVFBUkkya2RRMV8tYkIxZ0FZSkVGYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRURzQUVBdVFFRDYwcThHMk1vUU1FQkEtdEt2QnRqS0VESkFkWmZ6X01hWV9nXzJRRUFBQUFBQUFEd1AtQUJBSmdDQUtBQ0FMVUNBQUFBQUwwQwUh8ElNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVUZOVXpFNk5EQXdNZUFEcFM2SUJBQ1FCQUNZQkFIQkJBQQVPAQEIeVFRAQcJARhOZ0VBUEVFCQ0BAVRDSUJhRWZxUVhMbkM2TGljM3ZQN0VGARoJAQhEQkIdPwh5UVUJFwEBAE4yKAAAWi4oALg0QVdkdGtyd0JaR0U3UVQ0QmNpNm13R0NCZ05WVTBTSUJoQ1FCZ0dZQmdHaEJnQQFONEFBQ0JBcUFZQnNnWWtDHXQARR0MAEcdDABJHQxMdUFZS5oClQEhT1E4NGZnaUptWTg16SRvZXh1SUFRb0FEFfhUZ1FEb0pRVTFUTVRvME1EQXhRS1V1UxFRDFBBX1URDAxBQUFXHQwAWR0MAGEdDABjHQwQZUFDSkEdEGzYAu-hAeAC2N5H6gIbaHR0cHM6Ly93d3cuZ2x1Xf3w0C-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AP49aYB4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjiByD6ASgAMAA4ArgEAMAEAMgEANIEDjkxNzgjQU1TMTo0MDAx2gQCCAHgBAHwBOKG5VuIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXO8A76BQQIABAAkAYAmAYAuAYAwQYAAAAAATEg0AarL9oGFgoQBTMdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADjEBkAAyAfhjgXSBw0JETsBOAjaBwYJJ0DgBwDqBwIIAPAHjm2KCAIQAA..&s=81f141db42f285e15edc3a65fc7272350d748636

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:27 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bcdbd7f7-72d8-4c30-993c-5d75ece6db0d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK log_resp
ams1-ib.adnxs.com/mediation/v2/ Frame D239 0
813 B 27ms
27ms Image
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/mediation/v2/log_resp?info=MQAAAAMABQEFAQifyu2TBhCvrP7xjui6tQoY2kchNPlmmxtjKEAo4oblWzBWOABAAA..&s=741197a4fed1a1a704b158e6a7c5cfa81ed49f2d&reason=0&latency=3285

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:27 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d18694be-2b5a-4088-8a58-498fb0810929
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 7319 0
838 B 30ms
29ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.glueckspost.ch%2F&e=wqT_3QKBCvBDAQUAAAMA1gAFAQifyu2TBhCvrP7xjui6tQoYyYXvwb_S8YATKjYJNPlmmxtjKEARNPlmmxtjKEAZAAAAoJlZMEAhNPkJGwApEST0aQExAAAAwMzMH0Aw1_-bBzjaR0DaR0gCUOKG5VtYoexuYABoppuIAXjhjgWAAQGKAQNVU0SSAQNDSEaYAeIHoAH6AagBBrABALgBAMABBMgBAtABANgBAOABAPABAPoBI0dsdWVja3Nwb3N0LmNoX0RFX0Rlc2t0b3BfSG9tZV9XQl8xigI8dWYoJ2EnLCAyNTQ3MDE2LCAxNjUyMjUzOTgzKTt1ZigncicsIDE5MjQ5NjQ4MiwgMTY1MjI1Mzk4Myk7kgLlAyFvRV9iVEFpSm1ZOFJFT0tHNVZzWUFDQ2g3RzR3QURnQVFBUkkya2RRMV8tYkIxZ0FZSkVGYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRURzQUVBdVFFRDYwcThHMk1vUU1FQkEtdEt2QnRqS0VESkFkWmZ6X01hWV9nXzJRRUFBQUFBQUFEd1AtQUJBSmdDQUtBQ0FMVUNBQUFBQUwwQwUh8ElNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVUZOVXpFNk5EQXdNZUFEcFM2SUJBQ1FCQUNZQkFIQkJBQQVPAQEIeVFRAQcJARhOZ0VBUEVFCQ0BAVRDSUJhRWZxUVhMbkM2TGljM3ZQN0VGARoJAQhEQkIdPwh5UVUJFwEBAE4yKAAAWi4oALg0QVdkdGtyd0JaR0U3UVQ0QmNpNm13R0NCZ05WVTBTSUJoQ1FCZ0dZQmdHaEJnQQFONEFBQ0JBcUFZQnNnWWtDHXQARR0MAEcdDABJHQxMdUFZS5oClQEhT1E4NGZnaUptWTg16SRvZXh1SUFRb0FEFfhUZ1FEb0pRVTFUTVRvME1EQXhRS1V1UxFRDFBBX1URDAxBQUFXHQwAWR0MAGEdDABjHQwQZUFDSkEdEGzYAu-hAeAC2N5H6gIbaHR0cHM6Ly93d3cuZ2x1Xf3w0C-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AP49aYB4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjiByD6ASgAMAA4ArgEAMAEAMgEANIEDjkxNzgjQU1TMTo0MDAx2gQCCAHgBADwBOKG5VuIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXO8A76BQQIABAAkAYAmAYAuAYAwQYAAAAAATEg0AarL9oGFgoQBTMdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADjEBkAAyAfhjgXSBw0JETsBOAjaBwYJJ0DgBwDqBwIIAPAHjm2KCAIQAA..&s=ce04d600356238b3e82dc6ad1a1dbe685144cd44&type=nv&nvt=5&jm=1003&px=303&py=95&bw=994&bh=250&sid=3731166301615215535&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=15138775&sw=1600&sh=1200&pw=1600&ph=2521&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:27 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ea1dcf1d-0b6d-4835-9d87-cb355afb5656
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.glueckspost.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 7319 0
838 B 27ms
26ms Ping
text/html 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.glueckspost.ch%2F&e=wqT_3QKBCvBDAQUAAAMA1gAFAQifyu2TBhCvrP7xjui6tQoYyYXvwb_S8YATKjYJNPlmmxtjKEARNPlmmxtjKEAZAAAAoJlZMEAhNPkJGwApEST0aQExAAAAwMzMH0Aw1_-bBzjaR0DaR0gCUOKG5VtYoexuYABoppuIAXjhjgWAAQGKAQNVU0SSAQNDSEaYAeIHoAH6AagBBrABALgBAMABBMgBAtABANgBAOABAPABAPoBI0dsdWVja3Nwb3N0LmNoX0RFX0Rlc2t0b3BfSG9tZV9XQl8xigI8dWYoJ2EnLCAyNTQ3MDE2LCAxNjUyMjUzOTgzKTt1ZigncicsIDE5MjQ5NjQ4MiwgMTY1MjI1Mzk4Myk7kgLlAyFvRV9iVEFpSm1ZOFJFT0tHNVZzWUFDQ2g3RzR3QURnQVFBUkkya2RRMV8tYkIxZ0FZSkVGYUFCd0FIZ0FnQUVBaUFFQWtBRUJtQUVCb0FFQnFBRURzQUVBdVFFRDYwcThHMk1vUU1FQkEtdEt2QnRqS0VESkFkWmZ6X01hWV9nXzJRRUFBQUFBQUFEd1AtQUJBSmdDQUtBQ0FMVUNBQUFBQUwwQwUh8ElNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVUZOVXpFNk5EQXdNZUFEcFM2SUJBQ1FCQUNZQkFIQkJBQQVPAQEIeVFRAQcJARhOZ0VBUEVFCQ0BAVRDSUJhRWZxUVhMbkM2TGljM3ZQN0VGARoJAQhEQkIdPwh5UVUJFwEBAE4yKAAAWi4oALg0QVdkdGtyd0JaR0U3UVQ0QmNpNm13R0NCZ05WVTBTSUJoQ1FCZ0dZQmdHaEJnQQFONEFBQ0JBcUFZQnNnWWtDHXQARR0MAEcdDABJHQxMdUFZS5oClQEhT1E4NGZnaUptWTg16SRvZXh1SUFRb0FEFfhUZ1FEb0pRVTFUTVRvME1EQXhRS1V1UxFRDFBBX1URDAxBQUFXHQwAWR0MAGEdDABjHQwQZUFDSkEdEGzYAu-hAeAC2N5H6gIbaHR0cHM6Ly93d3cuZ2x1Xf3w0C-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMB2AP49aYB4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQMMjE3LjY0LjE1MS4zqAQAsgQQCAAQARjiByD6ASgAMAA4ArgEAMAEAMgEANIEDjkxNzgjQU1TMTo0MDAx2gQCCAHgBADwBOKG5VuIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXO8A76BQQIABAAkAYAmAYAuAYAwQYAAAAAATEg0AarL9oGFgoQBTMdAWAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADjEBkAAyAfhjgXSBw0JETsBOAjaBwYJJ0DgBwDqBwIIAPAHjm2KCAIQAA..&s=ce04d600356238b3e82dc6ad1a1dbe685144cd44&type=pv&jm=1003|1161&px=303&py=95&bw=994&bh=250&sf=1&sid=3731166301615215535&vd=ct~0|rr~5&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=15138775&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.glueckspost.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 May 2022 07:26:28 GMT
X-Proxy-Origin: 217.64.151.3; 217.64.151.3; 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1a681161-93ea-4af0-af99-bce84f3b8a6c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.glueckspost.ch
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csr.onet.pl
URL: https://csr.onet.pl/5469564/tags?domain=www.glueckspost.ch&site=Glueckspostch_DE&v=1

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.glueckspost.ch/	1970-01-20 11:43:09	Name: cs_fpid Value: 1652253982645_11748699
.glueckspost.ch/	1970-01-20 20:28:45	Name: _ga Value: GA1.2.915999267.1652253983
.glueckspost.ch/	1970-01-20 02:59:00	Name: _gid Value: GA1.2.1530458789.1652253983
.glueckspost.ch/	1970-01-20 02:57:34	Name: _gat_tealium_0 Value: 1
.events.ocdn.eu/	1970-01-21 22:45:33	Name: ea_uuid Value: 202205110926228862106261
.glueckspost.ch/	1970-01-20 05:07:09	Name: _fbp Value: fb.1.1652253982864.1230430083
.glueckspost.ch/	1970-01-20 05:07:09	Name: _gcl_au Value: 1.1.1240346532.1652253983
.facebook.com/	1970-01-20 05:07:09	Name: fr Value: 0klmrbex4lcT4tIvS..Bie2Ue...1.0.Bie2Ue.
.scorecardresearch.com/	1970-01-20 20:14:21	Name: UID Value: 149ce6fcfdc4257ff1c82c61652253982
.glueckspost.ch/	1970-01-20 02:57:35	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.glueckspost.ch/%22%2C%22sref%22:%22%22%2C%22sts%22:1652253982897%2C%22slts%22:0}
.glueckspost.ch/	1970-01-20 12:26:57	Name: _parsely_visitor Value: {%22id%22:%22pid=3e8e8fb36e67a5781de3f12b68e0e465%22%2C%22session_count%22:1%2C%22last_session_ts%22:1652253982897}
.glueckspost.ch/	1970-01-21 22:45:33	Name: ea_uuid Value: 202205110926228862106261
.doubleclick.net/	1970-01-20 12:19:09	Name: IDE Value: AHWqTUlZBFNcb-68tUGZSA5ZuIzdHsCI3cMValbk9vSvKNGolLwuvpGZIR-NfO7D
.glueckspost.ch/	1970-01-20 03:07:38	Name: ats_ri Value: ri=000000000000000000000000&ttl_ms=3600000&expires_ms=1652257582936&version=1652253982.924
.glueckspost.ch/	1970-01-20 11:43:09	Name: utag_main Value: v_id:0180b202ff6d001abbe780ea315e03073001b06b00b08$_sn:1$_ss:0$_st:1652255782941$ses_id:1652253982574%3Bexp-session$_pn:1%3Bexp-session
.tr1.admeira.ch/	1970-01-20 11:43:09	Name: ope_uid Value: 2-tFNy+LEqeuxxC4IuIFmcXiTcSyz/rw5Ljo61aK9IS7vPq7quYo2KAR6l2VCGFSAR0+5kGw==
.tagger.opecloud.com/	1970-01-20 11:43:09	Name: ope_uid Value: 2-ZguFijghRExcQbuHwPhLPNfeLBa8Ui3xbD5P+0Aqfn3FO0wA91Oy8HJsonrQdPzXdOMuUg==
.adnxs.com/	1970-01-20 05:07:09	Name: uuid2 Value: 1369594100524499657
.adnxs.com/	1970-01-20 05:07:09	Name: icu Value: ChgI4ZpZEAoYASABKAEwn8rtkwY4AUABSAEQn8rtkwYYAA..
.glueckspost.ch/	1970-01-20 12:19:09	Name: __gads Value: ID=af958a99aa6c6b6e:T=1652253983:S=ALNI_MafUqhoKCeNGK_nObA2_Gmk0wUJZg
.doubleclick.net/	1970-01-20 02:57:37	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network	error	URL: https://aka-cdn-ns.adtech.de/apps/431/Ad18370991St3Sz225Sq111721859V0Id2/ads.js?foo=bar&adserver= Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://cdn.ampproject.org/rtv/032204292129000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs-simple.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
aka-cdn-ns.adtech.de
ams1-ib.adnxs.com
api.contentpass.net
artemis-cdn.ocdn.eu
cdn.admeira.ch
cdn.adnxs.com
cdn.adsafeprotected.com
cdn.ampproject.org
cdn.parsely.com
cm.g.doubleclick.net
connect.facebook.net
crcdn01.adnxs-simple.com
csr.onet.pl
d1z2jf7jlzjs58.cloudfront.net
dt.adsafeprotected.com
end.scorecardresearch.com
events.ocdn.eu
fabaa99cf662c6e93e6bd95cf205526a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
get.contentpass.net
glueckspost.ch
googleads.g.doubleclick.net
ib.adnxs.com
lib.onet.pl
p1.parsely.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
profiles.tr1.admeira.ch
ri.nuggad.net
sb.scorecardresearch.com
secure.adnxs.com
securepubads.g.doubleclick.net
sgqcvfjvr.onet.pl
static.adsafeprotected.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tagger.opecloud.com
tags.tiqcdn.com
tpc.googlesyndication.com
tr1.admeira.ch
www.facebook.com
www.glueckspost.ch
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
csr.onet.pl
104.104.52.75
104.75.88.194
108.138.7.14
108.157.4.102
13.226.132.36
13.32.121.17
142.250.184.226
142.250.185.66
151.101.193.108
18.196.120.117
18.66.100.58
18.66.139.124
18.66.2.105
185.33.220.240
185.33.221.13
185.33.221.50
185.53.178.51
23.35.236.188
2600:1f13:800:7780:5169:8668:b8ea:b057
2600:9000:2251:3800:1c:9a5b:a1c0:93a1
2600:9000:2491:4800:8:48e:53c0:93a1
2606:2800:233:d84b:39e5:dbd4:25cd:99d9
2606:4700:3034::6815:229d
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2004
2a00:1450:4001:828::2001
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.33.138.253
34.78.251.152
35.157.155.129
35.158.169.169
52.212.32.175
52.222.250.70
52.58.169.45
54.144.144.142
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
037e204b336b111a84c08af22399efd6138ed114e9c541d5dc6c6d6cd6cece73
069c7f1a041945ea68cb7613877798801a5a961684122ce4fb28b3ed4098dfc3
07704fd49b7646c1c460acef38d336fa431a9f6943b10974ad702ee32b98d284
10d113ba25469d41aa6510734565fb766766cb460ce51c143432644c106fcc83
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1b544aafbe083491968c5f0dbd08d878728401c76d8a2a3637b3f3c2207d9564
1c7c6e50d8d06572f628f57b7f96441ff3f76f44d177619064d5e6e0edb97e48
20de6d868da34f858f29c591051e6a090968af31da2519ea6ea28183e41430a7
2160ff61a25a2921d9fc797614d1e2da137aa0b42cbb880dc765b93a85b92571
22a15261b065aea783d2645a73e291a8e199b29ff9f46f543fa54cc35b52af61
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
285f72d78978baa0db3f509347c43603edb5deb514d40207ea486649f71f3cb9
287a2e10466ec314a9c08efbf39f564f62ca566bbaa691d03f5e400e2c9b22f8
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2e25c974c85825866d72be3536ae53731b2c4b405ff02f1bc600cf1be06cb63a
2f3a137a37582990ecf7f9834f668db862df02846c2046fab9d9c48e99eb1650
301d7e71cc6c2bff6c97805698c57750eccfa99e58a2a152524db9241ef3c240
33b0cbfd7b3d71f2f60c48b1208c0de66846710d1de6b66e23c9bfbfa1fe498d
34e0bb5c5ed1184e6452cf7562faf332af1a26e95e50e035ff0a9f7065e6df9e
37c4573b84b959c29686cd07259d1b955b2a07a9de788df1af4c295dd28971dc
39bdc6630aad3e4c15fd07b777701feb77835acee49601873769082ebc5214b3
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e6a47e526989326ca5e86380a05c3fee177001124f70980b82575d2a7b80c3e
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
43e5142dcd0f8c1ca42bc441b8703025957d8dcddba7a03c7b5605287ffc2767
49817e4444cba8767315cc08d94c2e78a6e839ce2297a5ca14177dd75d4151fa
4a4b9570eb17ce8aaafeb01ce9b9260647cfc5927ce05ba96e17c316eb07f326
4bc40e77e34fd74766aa2049d5111744ddff12f27f51ef94999a1b1816dbf925
4c49e1ec0831ec82fc1785f307379da10a7244d938149de04c1b586f5824825a
4dd4478f3becd5b2728480eb71e127227c7ed9a294631366a8071cff100a9377
4e2847ec2e596f46aff5e26da66f6aab5e8cc2325b941412f91eea030b1a6f2f
5411cd2007b743530719c76a60363332c61377611ae2297c69e8cd3c05622a57
548cc3de512d1fc0b1e89c8a9f7da97f0aff6d2f3afd0e8f646b9e048a5d64b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5661569bbf7c57b515e953809f29a5f5553c4816d8f9e3405885aabda55de5ad
57812aba195a00de9f60a416892d55fb1c68a0d4cafc17983616a6fe039f6562
5b3ecc1abc7d2f2a2805ed4ec5ff1b8121786084708d96dfee45a744d1b928ff
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d68acc4f35ba393b0d5228152f71d89a0c31abb68b959b00a760c6d706588c4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6234572fccff71cbba406cf7b393574e187324095b62c4872d0873eaad67c3a8
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6a9175ad47c8cd3a27c6044c2330bdf3f9cf77e4240ad16869d64dc566253b21
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cfe44c6299d604e34a93e3d46f10ca1630d59180b81648ddc5cc686032f0cf1
6d46e2cf165a5a0584afba7bc9663da292ee08c97cfc7613de6013ed05be892a
72115774e068a807b1bc1aaa7f2df4d92038535bf0ff021c0a0cf5c3d9e6642a
7341190a25babb46f77a2d79dd84938dd73d2045c050d9a3304269aaeee79649
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
7a6a411a65592da3617c651eda193d147e7451ee70229b00495ea97435bf8c14
7c70b2362ed9d75fd8b2323fff556ae1b0efe6791c03697e8e2adc5f2fe846b6
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7de69cbfeaa5d87188931bb942786f32c1029b6fdb9c6b05859949f4a475948d
7deaaf085e8703195ce7b0ab018d833323013caaf9617142dad8b197ee52f6a6
7eaebf83989a77dc9ff39772b8b872a48c86478cbe26e6b96b3266f4fdb3ce9d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80eab569322e4ade12a30f0bfe04780dc547167887f14260d68eaec6893f9d4f
82564899aacd97976f8219ccacbefe14422ecaf576e897cb0e747b3ef47c5961
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
842c6ac20d5a28e1268292d3b5b3db31d7e4cb5ff295106222dd304682c398ac
8471f381394962167d7d0cbbd9ffbd1f19d3ef6c48a7d9e3209142e674481368
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8682b3a6d9901764f5aecd0853eb5232f8a164aeb3b3d9131b1b9c9111bc8bc6
889defbe2b581c3a5296f9fe855ce182fb6a37ec34efa323017e4a4a9024708a
88b8c7c16dee388c05a50c1546c4e4b8f522aabd40e672586c0d04d805f305df
88e97a6f3f76c50d5cdd2c8c5126af17ed8e05f8d67a7a11dc19a5134048a020
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8becae9fd905b842ec8cfd48ca6298528d93e4d88a01a61348fe41531dcba967
8c315c508383248e3038750c8795a1660fdbcfe6078f7b24cd56746df52a41c5
8f273b6550fba96b1b83d36da56203cc4197349e3d4383665710c861de2bfbfe
926cdfd2e2bade7f34bde4e61afd8e93944b694c7bc39ce3ac98fbaeb346257c
92d703f0a0645397bd8435535d3ece2864dc28312d9da2b6a97d74db9ba34e8b
9431778a303d719fb2b8fa5f66c7986a8169b4ee258ce47d712626235cdaed24
9a0ae98ca672912888b0d28d09a94763d697c65dcccc396de4f4556aed7001fb
9b2d05aa25c4c91244f1734cdf9dde3689f9b0e9e3dde3599793d30f30aa888b
9c48ae874096f183fd7cf104056aa3e40edf2f74fa58be8d3fad7463758a0dc1
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a0c6bb0a20d87cd24f4528e4ec8f4ebbbb863e6d9f1c1167b94f158f4ba0bc2e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaae4aa9532a0d29d75f501420392cf81e7e0277e6ba096053eadadcb28ba53e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7178882763ffff529eda8c2040bcab977aa9a893601ef7e8df884e5099dfdd6
b7dc5fdfa680147b7a2d8772980893ff48bbe69c2cfddbdfe90a37d41efc895a
b7f44ccc20e73019ced8f8debd4db018b73367f6a02e0fecd8cd3be3bba5ed99
b8c751772cd9c31d9416b89adcb4f93de959dca9a7ec4107521c2a87a64ad7d0
b9e715a0e4aeb3cccbf40211fbae1aa95405438d9535502f4f6bad34d6d23770
b9efeda8d8c6acf37928ca23f7af178e7ae5c18f80884310453b99cad1db7ea0
bc9dd4d847c6ba5d6c208ded39b607957a71ff16700c11773e23c71e2e18a113
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bffdb4ef0be4ecbbd410b7d92301abe4382a34b462e27257796154cc00e82868
c2103f98dab7e47abd92c47030caa47d0dd0595ad21446d0f396a1c1df017da7
c3378f37bf6251a5b995c691e910b9cebe911d4c6dc84800608e076bebe22ab5
c490df598b7f06b88e628e7d399f2ba21c4001dfa79ee84017b6b5cb95f4515b
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c7a4989a61f45bf9b36402fe1e3b8ef97a7e2e7f4721548b471464f32e1936ef
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d05027f474db727261e9270dcdbbb1e324265f38d14f86242b236daadfab50ad
d647e9aa47d9d9f7be11ca33ddfd2252a4b3a907bfc92e437211d0e1c774f69a
da46723f3f208e54c95ea4e7e3b91b46e2b1a0ee018da0f4e9fc04c27efa495c
daf6c9f1f0192f365e6840e793c02e2a377bfa4a1202fda1550726081c302114
dd4ac7e658c1a9f8768fa0b6867f6cf704db90986f4955a9e6274217aec64ac8
dd693f332bb924f13069f07201c40e6e9031b1364ec1ca209f7bca22e18c2d0e
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e0bcd9920e284bdc158735dfe3edb9866d4730baf0e85198e1b419502f8f55fd
e0d3fbf202fecdb1482b53e92072be46a7c6fad71d19678d4052d71ccc33bf43
e2bc1c96070df13648deeba59fe09ce84f3514f5746bb61470c8f5472771af63
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753
e85f103cf2532c50e5150c37f69cded8f2e3bc198d84b3f85773602634da6027
eb7a1186dff1b2af7972871f16ea72dbfcd333a18411756987e7caf417418bc5
ed16ba741d4101ad243e7694f907b72be75b1493a4bc920cc54c0d5060c74e2e
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b0f456e186c9df28e31d734f55653a6423f31ac6325d71712784c868604b06
fe01d4f50dbeac0bd102f282f57fd8a0683ef03c239e10097b347c2ecfa14a43

www.glueckspost.ch Open in urlscan Pro 104.104.52.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

159 Requests

95 %HTTPS

45 %IPv6

28 Domains

52 Subdomains

44 IPs

6 Countries

4540 kBTransfer

7835 kBSize

21 Cookies

15 Outgoing links

Page URL History

Redirected requests

159 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.glueckspost.ch Open in urlscan Pro
104.104.52.75 Public Scan

Screenshot
Live screenshot

Full Image

159
Requests

95 %
HTTPS

45 %
IPv6

28
Domains

52
Subdomains

44
IPs

6
Countries

4540 kB
Transfer

7835 kB
Size

21
Cookies

159 HTTP transactions
6 data transactions