www.sandramumenthaler.ch Open in urlscan Pro
34.36.96.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sandramumenthaler.ch/
Effective URL:
https://www.sandramumenthaler.ch/
Submission: On December 24 via api (December 24th 2024, 4:06:49 am UTC) from CH — Scanned from CH

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 41 HTTP transactions. The main IP is 34.36.96.25, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.sandramumenthaler.ch.
TLS certificate: Issued by WR3 on November 14th 2024. Valid for: 3 months.

This is the only time www.sandramumenthaler.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	116.202.46.82 116.202.46.82	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
10	34.36.96.25 34.36.96.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	63.32.183.3 63.32.183.3	16509 (AMAZON-02) (AMAZON-02)
3	216.198.54.3 216.198.54.3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
7	31.25.12.18 31.25.12.18	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	216.198.53.3 216.198.53.3	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	108.128.190.134 108.128.190.134	16509 (AMAZON-02) (AMAZON-02)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	216.198.54.1 216.198.54.1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	31.25.12.50 31.25.12.50	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
41	16

1 116.202.46.82 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: lx3.hoststar.hosting

sandramumenthaler.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.36.96.25 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.96.36.34.bc.googleusercontent.com

www.sandramumenthaler.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.183.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-183-3.eu-west-1.compute.amazonaws.com

app.productfruits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.198.54.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 31.25.12.18 (Switzerland)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

www.digistore24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.198.53.3 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.190.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-190-134.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.198.54.1 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

digibiz24.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.25.12.50 (Switzerland)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

www.checkout-ds24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	sandramumenthaler.ch 1 redirects sandramumenthaler.ch www.sandramumenthaler.ch	865 KB
7	digistore24.com www.digistore24.com — Cisco Umbrella Rank: 233359	17 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
4	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2270 ekr.zdassets.com — Cisco Umbrella Rank: 2553	271 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	371 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	213 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	63 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	77 KB
1	checkout-ds24.com www.checkout-ds24.com — Cisco Umbrella Rank: 297008	588 B
1	zendesk.com digibiz24.zendesk.com	1 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 5577	171 B
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	productfruits.com app.productfruits.com — Cisco Umbrella Rank: 53179	14 KB
41	13

	Domain	Requested by
10	www.sandramumenthaler.ch	www.sandramumenthaler.ch
7	www.digistore24.com	www.googletagmanager.com www.digistore24.com
4	region1.google-analytics.com	www.googletagmanager.com
4	www.googletagmanager.com	www.sandramumenthaler.ch www.googletagmanager.com
3	static.zdassets.com	www.sandramumenthaler.ch static.zdassets.com
2	www.facebook.com	www.sandramumenthaler.ch
2	connect.facebook.net	www.sandramumenthaler.ch connect.facebook.net
1	www.checkout-ds24.com
1	digibiz24.zendesk.com	static.zdassets.com
1	content.hotjar.io	script.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	ekr.zdassets.com	static.zdassets.com
1	static.hotjar.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	app.productfruits.com	www.sandramumenthaler.ch
1	sandramumenthaler.ch	1 redirects
41	16

This site contains links to these domains. Also see Links.

Domain
app.digibiz24.com

Subject Issuer	Validity	Valid
www.sandramumenthaler.ch WR3	`2024-11-14` - `2025-02-12`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
productfruits.com Amazon RSA 2048 M03	`2024-09-07` - `2025-10-06`	a year	crt.sh
zdassets.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-02` - `2024-12-31`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
digistore24.com WR3	`2024-10-26` - `2025-01-24`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
digibiz24.zendesk.com E5	`2024-11-15` - `2025-02-13`	3 months	crt.sh
*.checkout-ds24.com WR3	`2024-12-05` - `2025-03-05`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.sandramumenthaler.ch/
Frame ID: 0FFE8973EF485B49378FAEFA8FB648BF
Requests: 37 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.sandramumenthaler.ch
Frame ID: B57D4916EA65FDA54DE4E597895A7B22
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-bcac9f6.js
Frame ID: 6F594A468C82415224607333746C0AF0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The page can't be found

Page URL History Show full URLs

https://sandramumenthaler.ch/ HTTP 301
http://www.sandramumenthaler.ch/ HTTP 307
https://www.sandramumenthaler.ch/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

41
Requests

98 %
HTTPS

13 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

1681 kB
Transfer

6882 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app.digibiz24.com/dashboard
Title: Take me home

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sandramumenthaler.ch/ HTTP 301
http://www.sandramumenthaler.ch/ HTTP 307
https://www.sandramumenthaler.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
www.sandramumenthaler.ch/
Redirect Chain

https://sandramumenthaler.ch/
http://www.sandramumenthaler.ch/
https://www.sandramumenthaler.ch/

4 KB
2 KB

181ms
45ms

Document
text/html

34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: RoadRunner /
Resource Hash: cec1b796482c80d634ae49f869365b708b0cb73cff28ee4a19ffdb76abc83dc7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 24 Dec 2024 04:06:42 GMT
server: RoadRunner
traceparent: 00-6b9fdfdafaad3e0aee27af5e2bd02aa2-1b62df3c5f3f32fa-01
tracestate: es=s:1
vary: Accept-Encoding,Accept
via: 1.1 google
x-infra: live-euw3

Redirect headers

Location: https://www.sandramumenthaler.ch/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 style.css
www.sandramumenthaler.ch/css/ 460 KB
134 KB 24ms
23ms Stylesheet
text/css 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a60d070b32d0091fa7cd7ac679f480fe658ec870aa58bc1665c2251be45b101f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: max-age=86400
content-encoding: br
x-infra: live-euw3
etag: "67654988-21561"
via: 1.1 google
expires: Wed, 25 Dec 2024 04:06:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136545
date: Tue, 24 Dec 2024 04:06:42 GMT
content-type: text/css
last-modified: Fri, 20 Dec 2024 10:40:08 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap-bundle.js Show response
www.sandramumenthaler.ch/js/ 167 KB
46 KB 24ms
23ms Script
application/javascript 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/js/bootstrap-bundle.js?cb=1734698062
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 39cb41b81f745c2c48a8c2705c1317f0aabef0f2b8d5a7dfa5274c137323f29b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: max-age=86400
content-encoding: br
x-infra: live-euw3
etag: "67654934-b5d4"
via: 1.1 google
expires: Wed, 25 Dec 2024 04:06:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46548
date: Tue, 24 Dec 2024 04:06:42 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 10:38:44 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 script.js Show response
www.sandramumenthaler.ch/js/ 3 MB
507 KB 43ms
42ms Script
application/javascript 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/js/script.js?cb=1734698062
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 62872990cab4b38a2366ca7795a229c89ffe01d3bca28b5e70a0666d99e5cb9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: max-age=86400
content-encoding: br
x-infra: live-euw3
etag: "67654934-7ec15"
via: 1.1 google
expires: Wed, 25 Dec 2024 04:06:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 519189
date: Tue, 24 Dec 2024 04:06:42 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 10:38:44 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tr.js Show response
www.sandramumenthaler.ch/js/ 824 KB
90 KB 61ms
61ms Script
application/javascript 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/js/tr.js?cb=1734698062
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2786e625f3119ff61b44a46ffc9d076285f8f9795b992ba7877a9ca006e05c17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: max-age=86400
content-encoding: br
x-infra: live-euw3
etag: "67656477-16580"
via: 1.1 google
expires: Wed, 25 Dec 2024 04:06:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91520
date: Tue, 24 Dec 2024 04:06:42 GMT
content-type: application/javascript
last-modified: Fri, 20 Dec 2024 12:35:03 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 327 KB
110 KB 85ms
43ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVT4GT9

Requested by

Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb79af3442784d65f6e0ecea7c221efb02bbaaa0611651d42e7a1913d694eeff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 24 Dec 2024 04:06:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 24 Dec 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111694
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 script.js Show response
app.productfruits.com/static/ 37 KB
14 KB 169ms
43ms Script
text/javascript 63.32.183.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.productfruits.com/static/script.js
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.183.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-183-3.eu-west-1.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e7a05a70034e45b6ce3b9b9261927119bad3b9da745dfc229623f2016eea6dc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: no-store,no-cache
content-encoding: br
pragma: no-cache
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/javascript
last-modified: Fri, 20 Dec 2024 21:00:45 GMT
server: Kestrel
vary: Accept-Encoding

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 82ms
36ms Script
application/javascript 216.198.54.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=addc18eb-e559-4994-9491-225fac6a3379

Requested by

Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"c88d625098ddb649cf216dba2e52435c"
x-amz-version-id: C4qpYKgeT8.DeRlre_wbz3El4DCj0uok
age: 45
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FHOKH%2BdCUyNs6oBJSH%2BIilK3TGzAdRG01spkQPmKPjpchpWG%2BgWhxr5VnNVqMwdne9rOabc58MgaxZQpdZ%2Fegv52wHEw2fzY32HhLfdAig7WQbUq4zpbFVTlx3nU02i5ox3STrg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/javascript
last-modified: Mon, 04 Nov 2024 09:45:04 GMT
vary: Accept-Encoding
x-amz-id-2: A0izfOgoJraDj0d+LpbejhD886w1ixucTx94SrPJm2EZb94haWLlT4UQTFbxgwt08RaNjEix9LA=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=3600, s-maxage=60
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Z782ZAH0R0HQS8VP
cf-ray: 8f6db8675ca39752-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 roboto-latin-300-normal.woff2
www.sandramumenthaler.ch/assets/fonts/roboto/ 18 KB
18 KB 42ms
41ms Font
font/woff2 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/assets/fonts/roboto/roboto-latin-300-normal.woff2
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.sandramumenthaler.ch
Referer: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062

Response headers

x-infra: live-euw3
etag: "67654a95-483c"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18492
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: font/woff2
last-modified: Fri, 20 Dec 2024 10:44:37 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 roboto-latin-400-normal.woff2
www.sandramumenthaler.ch/assets/fonts/roboto/ 18 KB
18 KB 46ms
45ms Font
font/woff2 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/assets/fonts/roboto/roboto-latin-400-normal.woff2
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.sandramumenthaler.ch
Referer: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062

Response headers

x-infra: live-euw3
etag: "67654a95-4868"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: font/woff2
last-modified: Fri, 20 Dec 2024 10:44:37 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 icomoon.ttf
www.sandramumenthaler.ch/assets/fonts/ 29 KB
29 KB 52ms
51ms Font
application/octet-stream 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/assets/fonts/icomoon.ttf
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6d03631f24f39e2c9ec29d815299379cd290c4d34b64b4241378b8012fd0f544

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.sandramumenthaler.ch
Referer: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062

Response headers

x-infra: live-euw3
etag: "67654a95-7288"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29320
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/octet-stream
last-modified: Fri, 20 Dec 2024 10:44:37 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 roboto-latin-500-normal.woff2
www.sandramumenthaler.ch/assets/fonts/roboto/ 18 KB
18 KB 23ms
23ms Font
font/woff2 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/assets/fonts/roboto/roboto-latin-500-normal.woff2
Requested by: Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.sandramumenthaler.ch
Referer: https://www.sandramumenthaler.ch/css/style.css?cb=1734698062

Response headers

x-infra: live-euw3
etag: "67654a95-489c"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: font/woff2
last-modified: Fri, 20 Dec 2024 10:44:37 GMT
server: nginx
vary: Accept-Encoding

POST
H3 200 collect
www.google.com/ccm/ 0
0 68ms
28ms Ping
text/plain 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.sandramumenthaler.ch%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=609553740.1735013203&dt=The%20page%20can%27t%20be%20found&auid=2017077473.1735013203&navt=n&npa=0&gtm=45He4cc1v811338995za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735013203078&tfd=527&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVT4GT9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 412 KB
132 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XEDQ5S9GT0&l=dataLayer&cx=c&gtm=45He4cc1v811338995za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVT4GT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccf8527cbfdc870d2817b773bc6cb9f4875fddf4ae2777b064a65cb04f59bbb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 24 Dec 2024 04:06:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134963
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 396 KB
129 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-22Q6TMMYT2&l=dataLayer&cx=c&gtm=45He4cc1v811338995za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVT4GT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22ed44613a5d56a0df993d310a30487c1248d3dfecd13d4a742226d0b286bb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 24 Dec 2024 04:06:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 132149
x-xss-protection: 0
server: Google Tag Manager

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 47ms
23ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ghJzbT7j' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ghJzbT7j' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4494, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 69j2csMCkmULvlgXwTt+ZihZ7DmtgZtpgHwzaWqYAYhi0NFCUV9DAZaFLVpcj7IQF2tpbce29NHaKfkEc+qDAg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 hotjar-1191482.js Show response
static.hotjar.com/c/ 23 KB
8 KB 103ms
56ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1191482.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVT4GT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

c5277276ff44ecbf1b94e3d2a29d0167ea7d8009dd58f72f78fe695fcc0c25c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/34269f0e0e6a7abe5098ca90b13d5472
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: z6dLWgf7qcIdD4QQTFQ0dxciVqjt5Zpw088VhfRu8nXleO40NH9L2A==
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 digistore.js Show response
www.digistore24.com/service/ 44 KB
16 KB 207ms
150ms Script
application/javascript 31.25.12.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/service/digistore.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVT4GT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.25.12.18 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

0336a670950f42bc1c8b31fd2cff844c976857251b367c401c2b741b236a81fb

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.zdassets.com *.zendesk.com *.hotjar.com https://digistore24.com https://www.digistore24.com; img-src 'self' data: https://digistore24.com https://www.digistore24.com *.zdassets.com *.zendesk.com https://script.hotjar.com; connect-src 'self' *.zdassets.com *.zendesk.com https://es-observability-nane1-prod.apm.northamerica-northeast1.gcp.elastic-cloud.com:443 *.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com; style-src 'self' 'unsafe-inline' *.zdassets.com *.zendesk.com https://digistore24.com https://www.digistore24.com; child-src https://digistore24.com https://www.digistore24.com; font-src 'self' *.zdassets.com *.zendesk.com script.hotjar.com https://digistore24.com https://www.digistore24.com; frame-src https://digistore24.com https://www.digistore24.com *.zdassets.com *.zendesk.com vars.hotjar.com; report-uri /v2/csp/report; report-to backend

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

content-security-policy: default-src 'self' data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.zdassets.com *.zendesk.com *.hotjar.com https://digistore24.com https://www.digistore24.com; img-src 'self' data: https://digistore24.com https://www.digistore24.com *.zdassets.com *.zendesk.com https://script.hotjar.com; connect-src 'self' *.zdassets.com *.zendesk.com https://es-observability-nane1-prod.apm.northamerica-northeast1.gcp.elastic-cloud.com:443 *.hotjar.com:* https://vc.hotjar.io:* https://surveystats.hotjar.io wss://*.hotjar.com; style-src 'self' 'unsafe-inline' *.zdassets.com *.zendesk.com https://digistore24.com https://www.digistore24.com; child-src https://digistore24.com https://www.digistore24.com; font-src 'self' *.zdassets.com *.zendesk.com script.hotjar.com https://digistore24.com https://www.digistore24.com; frame-src https://digistore24.com https://www.digistore24.com *.zdassets.com *.zendesk.com vars.hotjar.com; report-uri /v2/csp/report; report-to backend
content-encoding: gzip
x-infra: live-nane1
etag: W/"67697364-af92"
x-envoy-upstream-service-time: 2
report-to: { "group": "backend", "max_age": 10886400, "endpoints": [ {"url": "/v2/csp/report"} ] }
x-envoy-decorator-operation: null
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/javascript
last-modified: Mon, 23 Dec 2024 14:27:48 GMT
server: envoy
vary: Accept-Encoding

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame B57D 0
0 65ms
25ms Document
text/html 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.sandramumenthaler.ch

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVT4GT9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Dec 2024 04:06:43 GMT
expires: Wed, 24 Dec 2025 04:06:43 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 addc18eb-e559-4994-9491-225fac6a3379 Show response
ekr.zdassets.com/compose/ 685 B
1 KB 252ms
206ms Fetch
application/json 216.198.53.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/addc18eb-e559-4994-9491-225fac6a3379

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=addc18eb-e559-4994-9491-225fac6a3379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.53.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07110ecc919ff8c9682f16834b7e82b16a2c80db0adcff83ddd448162832031e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

access-control-max-age: 7200
x-request-id: 8f6db867dba1d3c1-SEA, 8f6db867dba1d3c1-SEA, 8f6db867dba1d3c1-SEA
access-control-expose-headers
content-encoding: br
cf-cache-status: MISS
etag: W/"07110ecc919ff8c9682f16834b7e82b1"
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BokNPbliDADkGK2tEnd%2BVj%2Fwahp9YVEfubEuTeUrV4X2axMVaB2%2BiYAIrRvHv%2FBtSGTBgi%2FMfGWsf2CCs45aAvQdTHeEPtuc4HBPN0g7E8XnZsHk4D2eAcF7uKt53nJTxow%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.003872
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
cdn-cache-control: max-age=60
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
cf-ray: 8f6db867dba1d3c1-FRA
access-control-allow-origin: *
x-zendesk-zorg: yes, yes
x-xss-protection: 1; mode=block
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 81ms
33ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XEDQ5S9GT0&gtm=45je4cc1v881120734z8811338995za200zb811338995&_p=1735013202939&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1969623688.1735013203&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735013203&sct=1&seg=0&dl=https%3A%2F%2Fwww.sandramumenthaler.ch%2F&dt=The%20page%20can%27t%20be%20found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=631
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XEDQ5S9GT0&l=dataLayer&cx=c&gtm=45He4cc1v811338995za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.sandramumenthaler.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 56ms
33ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-22Q6TMMYT2&gtm=45je4cc1v876427672z8811338995za200zb811338995&_p=1735013202939&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1969623688.1735013203&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735013203&sct=1&seg=0&dl=https%3A%2F%2Fwww.sandramumenthaler.ch%2F&dt=The%20page%20can%27t%20be%20found&en=page_view&_fv=1&_ss=1&ep.content_group=coachannel&tfd=656
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-22Q6TMMYT2&l=dataLayer&cx=c&gtm=45He4cc1v811338995za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.sandramumenthaler.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 2210207819036488 Show response
connect.facebook.net/signals/config/ 78 KB
16 KB 156ms
156ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2210207819036488?v=2.9.179&r=stable&domain=www.sandramumenthaler.ch&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

03ecfd6b7ff9e75a6c1b1332cd7f42e0ce9ed44d0ac98d4236f05e092a1fb4df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-jOnUmJpR' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jOnUmJpR' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=77, mss=1232, tbw=71306, tp=68, tpl=0, uplat=133, ullat=0
pragma: public
x-fb-debug: kqRgudvjfeiF/iqxzaYeHHBviRUiTiPy54ClE1rQi9B8tuV14EI4XF8hprlsEMRN8ERx7rFUuTFz3L+zb8NY2w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 modules.60031afbf51fb3e88a5b.js Show response
script.hotjar.com/ 223 KB
56 KB 66ms
19ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1191482.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

x-robots-tag: none
content-encoding: br
etag: "b4a1a7933e55e780894c3f39b1aca0b4"
age: 490536
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: XIbUhJc-pjM5JiODULJcMFSTqgouaX_OJCgalW86TdF-oAE1FpA_UA==
date: Wed, 18 Dec 2024 11:51:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 18 Dec 2024 11:50:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56408
x-amz-cf-pop: FRA56-P4

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 307ms
42ms XHR
application/json 108.128.190.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=1191482&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.128.190.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-190-134.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9f94a3204be2c698639c6cc7c5254546975f6053fcb9ac452abc6259ebb86e9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://www.sandramumenthaler.ch/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/json

GET
H2 200 web-widget-main-bcac9f6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 6F59 830 KB
259 KB 35ms
35ms Script
application/javascript 216.198.54.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-bcac9f6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=addc18eb-e559-4994-9491-225fac6a3379

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b80bae0b2a8345fdf150c81f164f47195dfbd217b84e4dc3382409d4d3ae768c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"419802576603f417f149fc475b138e7e"
x-amz-version-id: HSsYuF0DBd0RIN7zCStOoTZG9o.DjzRZ
age: 91
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsLSIeu6jJXYzvwO%2FX6ew2%2BlaqH1aXT3t40S4FafG4aLT5GoTnJCdfRVDZflyj6Hfpq4%2FiTh8cfBn%2FSXBtYiq9hQA7qBKI1p%2FabsHliYx4Y%2F6xyRv%2B0hdnev15DEO%2BVnh2K8EpY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Wed, 17 Dec 2025 09:50:43 GMT
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 09:50:44 GMT
vary: Accept-Encoding
x-amz-id-2: ANlVXEFR0AIxaTC/oZtgoabAupi9TapvseAJpIAEQc9a5CIYqzj/QiSrP9AVhRdLoEH/Fj+oEBJj+3hvmIEwag==
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6RTEDAXCSHJMA1XY
cf-ray: 8f6db8692d339752-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 41ms
20ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2210207819036488&ev=PageView&dl=https%3A%2F%2Fwww.sandramumenthaler.ch%2F&rl=&if=false&ts=1735013203383&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735013203382.765968625157092874&cs_est=true&ler=empty&cdl=API_unavailable&it=1735013203215&coo=false&rqm=GET

Requested by

Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4540, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 182ms
161ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2210207819036488&ev=PageView&dl=https%3A%2F%2Fwww.sandramumenthaler.ch%2F&rl=&if=false&ts=1735013203383&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12318&fbp=fb.1.1735013203382.765968625157092874&cs_est=true&ler=empty&cdl=API_unavailable&it=1735013203215&coo=false&rqm=FGET

Requested by

Host: www.sandramumenthaler.ch
URL: https://www.sandramumenthaler.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451824966712951109"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: i7RFpPSywU9a9VHxlP0onv3KQywKuzPi1OwG1MJH62liUeZN/aH+GlJJ9y0alHzfkPKdAXIR+BibLhw1cwbIfw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451824966712951109", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=23, mss=1232, tbw=4908, tp=13, tpl=0, uplat=141, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 en-us-json-bcac9f6.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 6F59 25 KB
6 KB 34ms
34ms Script
application/javascript 216.198.54.3
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-bcac9f6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-bcac9f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.54.3 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 0
content-encoding: br
cf-cache-status: HIT
etag: W/"ef48436bf7997a9fed0856cd3df28c0f"
x-amz-version-id: ZNY1FVImW6VU1ojAeCi38kHzm.pPRRmF
age: 488252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzqCNDxJvGV5f2gykNarVQkM2KNGtoNWDVs74UdqYb0FLLDStF4pS0c8ey%2BTupK8h9ADlkT%2FKJSI154FABSF%2BQVesQVEd7IttLqxdfKutVTGrxHIX8I1pITTMz5u6S54%2Fdb2M38%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, HEAD
expires: Wed, 17 Dec 2025 09:50:45 GMT
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 17 Dec 2024 09:50:46 GMT
vary: Accept-Encoding
x-amz-id-2: McAtkxEpUwldq/USWm1Cq/Sf0dAlHUDCvgWeRsQpXTLoAbCKXEyIXD2R56LDY+kFSFLvlmgCHZZAZPBVAOjGskGiM7xhGk/me+Ck1D2j6fQ=
access-control-allow-headers: *
strict-transport-security: max-age=0
x-amz-replication-status: COMPLETED
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 0WWG2MJCSWWBAW7J
cf-ray: 8f6db869fd7f9752-FRA
access-control-allow-origin: *
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
digibiz24.zendesk.com/embeddable/ Frame 6F59 326 B
1 KB 225ms
138ms Fetch
application/json 216.198.54.1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://digibiz24.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-bcac9f6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.198.54.1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72553db85d2226b3401c5115388a75e1940fe04895ae072bcb5e87bb357ab2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=259200;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 7200
x-request-id: 8f6db86a8a10dbfb-FRA
access-control-expose-headers
x-zendesk-origin-server: embeddable-app-server-86f69f6d9c-6p9cg
cf-cache-status: EXPIRED
etag: W/"72553db85d2226b3401c5115388a75e1"
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Twyc%2FZdOAMaIUunXhnyvk7ixFdqr9H9JcrN%2BnHL0Mu5xaZrwSrnBkz0PXdZlDKDULoHSL3r%2BHkJKwXx6qZowruVwBRqBi7oTY1cySzFu4DTIYakdx%2F6zuKmu0GFIjGJrfw914d3RXg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin, Accept-Encoding
x-runtime: 0.022530
strict-transport-security: max-age=259200;
cache-control: max-age=60, public, stale-while-revalidate=600, stale-if-error=3600
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f6db86a8a10dbfb-FRA
access-control-allow-origin: *
x-zendesk-zorg: yes
x-cached: MISS
server: cloudflare

GET
H2 200 122409.json Show response
www.digistore24.com/track/AFFILIATE/ 158 B
221 B 149ms
148ms Script
text/javascript 31.25.12.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/track/AFFILIATE/122409.json?group_sids=&ds24tr=&ds24utm=&ds24cmt=&ds24domain=&ds24ref=&get_domain=1&jsonp_callback=__wrap_jsonp_response_0

Requested by

Host: www.digistore24.com
URL: https://www.digistore24.com/service/digistore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.25.12.18 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

85aa90b09544e0a08016e3b1d00a5d1f4d7c71923aff52fbb88787c6ec087b29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

x-robots-tag: noindex, nofollow, noarchive, noindex, nofollow, noarchive
content-encoding: gzip
x-infra: live-nane1
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors *;
cache-control: no-store, no-store, private
pragma: no-cache, no-cache
x-envoy-upstream-service-time: 33
x-envoy-decorator-operation: null
via: 1.1 google
access-control-allow-origin: *, *
content-length: 152
server: envoy

GET
H2 200 122409.png
www.checkout-ds24.com/track/AFFILIATE/ 95 B
588 B 215ms
150ms Image
image/png 31.25.12.50
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.checkout-ds24.com/track/AFFILIATE/122409.png?group_sids=&ds24tr=&ds24utm=&ds24cmt=&ds24domain=&ds24ref=&skip_count=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.25.12.50 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

x-robots-tag: noindex, nofollow, noarchive, noindex, nofollow, noarchive
x-infra: live-nane1
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors *;
cache-control: no-store, no-store, private
pragma: no-cache, no-cache
x-envoy-upstream-service-time: 35
x-envoy-decorator-operation: null
via: 1.1 google
access-control-allow-origin: *, *
server: envoy

GET
H2 200 122409.json Show response
www.digistore24.com/track/AFFILIATE/ 158 B
214 B 149ms
148ms Script
text/javascript 31.25.12.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/track/AFFILIATE/122409.json?group_sids=&ds24tr=&ds24utm=&ds24cmt=&ds24domain=&ds24ref=&get_domain=1&jsonp_callback=__wrap_jsonp_response_1

Requested by

Host: www.digistore24.com
URL: https://www.digistore24.com/service/digistore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.25.12.18 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

f7f41407e12f4abbccd50fea0a655d53e273edfd3966a93221d11ce48a124e58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

x-robots-tag: noindex, nofollow, noarchive, noindex, nofollow, noarchive
content-encoding: gzip
x-infra: live-nane1
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors *;
cache-control: no-store, no-store, private
pragma: no-cache, no-cache
x-envoy-upstream-service-time: 34
x-envoy-decorator-operation: null
via: 1.1 google
access-control-allow-origin: *, *
content-length: 152
server: envoy

GET
H2 200 122409.json Show response
www.digistore24.com/track/AFFILIATE/ 158 B
533 B 148ms
147ms Script
text/javascript 31.25.12.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/track/AFFILIATE/122409.json?group_sids=&ds24tr=&ds24utm=&ds24cmt=&ds24domain=&ds24ref=&get_domain=1&jsonp_callback=__wrap_jsonp_response_2

Requested by

Host: www.digistore24.com
URL: https://www.digistore24.com/service/digistore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.25.12.18 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

35ce939945bd19066fcb07393d5864665ce68739550550ded2d194c12b84ff74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

x-robots-tag: noindex, nofollow, noarchive, noindex, nofollow, noarchive
content-encoding: gzip
x-infra: live-nane1
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors *;
cache-control: no-store, no-store, private
pragma: no-cache, no-cache
x-envoy-upstream-service-time: 34
x-envoy-decorator-operation: null
via: 1.1 google
access-control-allow-origin: *, *
content-length: 153
server: envoy

GET
H2 200 122409.json Show response
www.digistore24.com/track/AFFILIATE/ 158 B
218 B 152ms
152ms Script
text/javascript 31.25.12.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/track/AFFILIATE/122409.json?group_sids=&ds24tr=&ds24utm=&ds24cmt=&ds24domain=&ds24ref=&get_domain=1&jsonp_callback=__wrap_jsonp_response_3

Requested by

Host: www.digistore24.com
URL: https://www.digistore24.com/service/digistore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.25.12.18 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

90b8e0ccf2e9c6a8aa03fa115e1d02daafac41dbcbbbfa0a3d559067214b9c83

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

x-robots-tag: noindex, nofollow, noarchive, noindex, nofollow, noarchive
content-encoding: gzip
x-infra: live-nane1
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors *;
cache-control: no-store, no-store, private
pragma: no-cache, no-cache
x-envoy-upstream-service-time: 30
x-envoy-decorator-operation: null
via: 1.1 google
access-control-allow-origin: *, *
content-length: 153
server: envoy

GET
H2 200 122409.json Show response
www.digistore24.com/track/AFFILIATE/ 158 B
218 B 163ms
162ms Script
text/javascript 31.25.12.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/track/AFFILIATE/122409.json?group_sids=&ds24tr=&ds24utm=&ds24cmt=&ds24domain=&ds24ref=&get_domain=1&jsonp_callback=__wrap_jsonp_response_4

Requested by

Host: www.digistore24.com
URL: https://www.digistore24.com/service/digistore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.25.12.18 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

3bbb1c56cd1c846f23002a07b568f8d2323e9199ab4178c938e8be7bb0621575

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

x-robots-tag: noindex, nofollow, noarchive, noindex, nofollow, noarchive
content-encoding: gzip
x-infra: live-nane1
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors *;
cache-control: no-store, no-store, private
pragma: no-cache, no-cache
x-envoy-upstream-service-time: 32
x-envoy-decorator-operation: null
via: 1.1 google
access-control-allow-origin: *, *
content-length: 153
server: envoy

GET
H2 200 122409.json Show response
www.digistore24.com/track/AFFILIATE/ 158 B
218 B 158ms
158ms Script
text/javascript 31.25.12.18
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.digistore24.com/track/AFFILIATE/122409.json?group_sids=&ds24tr=&ds24utm=&ds24cmt=&ds24domain=&ds24ref=&get_domain=1&jsonp_callback=__wrap_jsonp_response_5

Requested by

Host: www.digistore24.com
URL: https://www.digistore24.com/service/digistore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.25.12.18 , Switzerland, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

envoy /

Resource Hash

0eda37aad8e1846faf0742890963d6a733deaf48c1e0215646cc215226f8ca2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

x-robots-tag: noindex, nofollow, noarchive, noindex, nofollow, noarchive
content-encoding: gzip
x-infra: live-nane1
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors *;
cache-control: no-store, no-store, private
pragma: no-cache, no-cache
x-envoy-upstream-service-time: 36
x-envoy-decorator-operation: null
via: 1.1 google
access-control-allow-origin: *, *
content-length: 153
server: envoy

GET
H3 200 favicon.ico
www.sandramumenthaler.ch/assets/images/_brand/ 15 KB
4 KB 21ms
21ms Other
image/x-icon 34.36.96.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandramumenthaler.ch/assets/images/_brand/favicon.ico?1734698062
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.36.96.25 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.96.36.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f55df96d2ba6b77e4b6eec3737019f1377aaf7224867f2b41a4ef90a75fe0a21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: max-age=86400
content-encoding: br
x-infra: live-euw3
etag: W/"67654a95-3c2e"
via: 1.1 google
expires: Wed, 25 Dec 2024 04:06:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:43 GMT
content-type: image/x-icon
last-modified: Fri, 20 Dec 2024 10:44:37 GMT
server: nginx
vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 33ms
32ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XEDQ5S9GT0&gtm=45je4cc1v881120734za200zb811338995&_p=1735013202939&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1969623688.1735013203&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1735013203&sct=1&seg=0&dl=https%3A%2F%2Fwww.sandramumenthaler.ch%2F&dt=The%20page%20can%27t%20be%20found&en=scroll&epn.percent_scrolled=90&_et=7&tfd=5641
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XEDQ5S9GT0&l=dataLayer&cx=c&gtm=45He4cc1v811338995za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.sandramumenthaler.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:48 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 33ms
33ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-22Q6TMMYT2&gtm=45je4cc1v876427672za200zb811338995&_p=1735013202939&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1969623688.1735013203&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1735013203&sct=1&seg=0&dl=https%3A%2F%2Fwww.sandramumenthaler.ch%2F&dt=The%20page%20can%27t%20be%20found&en=scroll&ep.content_group=coachannel&epn.percent_scrolled=90&_et=11&tfd=5668
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-22Q6TMMYT2&l=dataLayer&cx=c&gtm=45He4cc1v811338995za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.sandramumenthaler.ch/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.sandramumenthaler.ch
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 24 Dec 2024 04:06:48 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WWBD7EDJ4K&l=dataLayer&cx=c&gtm=45He4cc1v811338995za200

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sandramumenthaler.ch/	1970-01-21 04:06:29	Name: _gcl_au Value: 1.1.2017077473.1735013203
.sandramumenthaler.ch/	1970-01-21 11:32:53	Name: _ga Value: GA1.1.1969623688.1735013203
.sandramumenthaler.ch/	1970-01-21 11:32:53	Name: _ga_XEDQ5S9GT0 Value: GS1.1.1735013203.1.0.1735013203.0.0.0
.sandramumenthaler.ch/	1970-01-21 11:32:53	Name: _ga_22Q6TMMYT2 Value: GS1.1.1735013203.1.0.1735013203.0.0.0
.sandramumenthaler.ch/	1970-01-21 10:42:29	Name: _hjSessionUser_1191482 Value: eyJpZCI6ImRjNDEyOGQ2LWZlYjUtNTJiZi04NGRiLWFmYzNiZjAyMGM3MiIsImNyZWF0ZWQiOjE3MzUwMTMyMDMzMjMsImV4aXN0aW5nIjp0cnVlfQ==
.sandramumenthaler.ch/	1970-01-21 01:56:55	Name: _hjSession_1191482 Value: eyJpZCI6IjIzYzYzNTg1LTRlNjItNDIwNS1hNTkzLTQxODc4NmFlNjQ1OSIsImMiOjE3MzUwMTMyMDMzMjQsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.sandramumenthaler.ch/	1970-01-21 04:06:29	Name: _fbp Value: fb.1.1735013203382.765968625157092874

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.sandramumenthaler.ch/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.productfruits.com
connect.facebook.net
content.hotjar.io
digibiz24.zendesk.com
ekr.zdassets.com
region1.google-analytics.com
sandramumenthaler.ch
script.hotjar.com
static.hotjar.com
static.zdassets.com
www.checkout-ds24.com
www.digistore24.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.sandramumenthaler.ch
www.googletagmanager.com
108.128.190.134
116.202.46.82
142.250.186.100
157.240.0.6
157.240.253.35
18.66.102.51
2001:4860:4802:34::36
216.198.53.3
216.198.54.1
216.198.54.3
2a00:1450:4001:828::2008
31.25.12.18
31.25.12.50
34.36.96.25
52.222.236.122
63.32.183.3
0336a670950f42bc1c8b31fd2cff844c976857251b367c401c2b741b236a81fb
03ecfd6b7ff9e75a6c1b1332cd7f42e0ce9ed44d0ac98d4236f05e092a1fb4df
07110ecc919ff8c9682f16834b7e82b16a2c80db0adcff83ddd448162832031e
0eda37aad8e1846faf0742890963d6a733deaf48c1e0215646cc215226f8ca2b
22ed44613a5d56a0df993d310a30487c1248d3dfecd13d4a742226d0b286bb33
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2786e625f3119ff61b44a46ffc9d076285f8f9795b992ba7877a9ca006e05c17
35ce939945bd19066fcb07393d5864665ce68739550550ded2d194c12b84ff74
39cb41b81f745c2c48a8c2705c1317f0aabef0f2b8d5a7dfa5274c137323f29b
3bbb1c56cd1c846f23002a07b568f8d2323e9199ab4178c938e8be7bb0621575
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4dbd328e347e890a801d51f9a5f8d38a3efd51ec34c0aa22cc83d0a95d6d9d71
62872990cab4b38a2366ca7795a229c89ffe01d3bca28b5e70a0666d99e5cb9a
6d03631f24f39e2c9ec29d815299379cd290c4d34b64b4241378b8012fd0f544
72553db85d2226b3401c5115388a75e1940fe04895ae072bcb5e87bb357ab2a4
85aa90b09544e0a08016e3b1d00a5d1f4d7c71923aff52fbb88787c6ec087b29
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
90b8e0ccf2e9c6a8aa03fa115e1d02daafac41dbcbbbfa0a3d559067214b9c83
9f94a3204be2c698639c6cc7c5254546975f6053fcb9ac452abc6259ebb86e9c
a60d070b32d0091fa7cd7ac679f480fe658ec870aa58bc1665c2251be45b101f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b80bae0b2a8345fdf150c81f164f47195dfbd217b84e4dc3382409d4d3ae768c
b87b92cd9b2943bcc97a64011eb833ef4205009327eaffe17db1cd001ae9ecc8
bb79af3442784d65f6e0ecea7c221efb02bbaaa0611651d42e7a1913d694eeff
c5277276ff44ecbf1b94e3d2a29d0167ea7d8009dd58f72f78fe695fcc0c25c7
c7631939bbc2c74fc9a5fb1ee9565250a15bf95cc0e364da7fc5f15e3db41427
ccf8527cbfdc870d2817b773bc6cb9f4875fddf4ae2777b064a65cb04f59bbb8
cec1b796482c80d634ae49f869365b708b0cb73cff28ee4a19ffdb76abc83dc7
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a05a70034e45b6ce3b9b9261927119bad3b9da745dfc229623f2016eea6dc7
f55df96d2ba6b77e4b6eec3737019f1377aaf7224867f2b41a4ef90a75fe0a21
f7f41407e12f4abbccd50fea0a655d53e273edfd3966a93221d11ce48a124e58

www.sandramumenthaler.ch Open in urlscan Pro 34.36.96.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

41 Requests

98 %HTTPS

13 %IPv6

13 Domains

16 Subdomains

16 IPs

4 Countries

1681 kBTransfer

6882 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sandramumenthaler.ch Open in urlscan Pro
34.36.96.25 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

98 %
HTTPS

13 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

1681 kB
Transfer

6882 kB
Size

7
Cookies

41 HTTP transactions
0 data transactions