win4win.ch Open in urlscan Pro
2a01:4a0:17::1:f800 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv
Effective URL:
https://win4win.ch/wettbewerb/helsana-wettbewerb/
Submission: On August 25 via api (August 25th 2024, 6:05:45 am UTC) from BE — Scanned from FR

Summary HTTP 119 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 7 countries across 23 domains to perform 119 HTTP transactions. The main IP is 2a01:4a0:17::1:f800, located in Erlangen, Germany and belongs to CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE. The main domain is win4win.ch.
TLS certificate: Issued by E5 on August 19th 2024. Valid for: 3 months.

This is the only time win4win.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	1.179.112.197 1.179.112.197	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:440... 2606:4700:4400::6812:278d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2a01:4a0:17::... 2a01:4a0:17::1:f800	201011 (CORE-BACK...) (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK)
1	2600:9000:205... 2600:9000:2057:c400:1d:87b1:e480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	46.101.217.240 46.101.217.240	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2 3	142.250.184.228 142.250.184.228	15169 (GOOGLE) (GOOGLE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.102.11 18.66.102.11	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	14618 (AMAZON-AES) (AMAZON-AES)
1	2a05:d018:ac8... 2a05:d018:ac8:b900:2a45:d70f:9818:9c14	16509 (AMAZON-02) (AMAZON-02)
5	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:480... 2a02:26f0:480:5b1::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	65.9.95.80 65.9.95.80	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:401... 2a00:1450:4013:c14::54	15169 (GOOGLE) (GOOGLE)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
5	2.18.64.26 2.18.64.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
4	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
8	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
5	151.101.192.84 151.101.192.84	54113 (FASTLY) (FASTLY)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
119	34

1 1.179.112.197 (France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

r.win4win-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:278d (United States)

ASN13335 (CLOUDFLARENET, US)

sibautomation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a01:4a0:17::1:f800 (Erlangen, Germany)

ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE)

win4win.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:c400:1d:87b1:e480:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.du89buildings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.101.217.240 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

sdk.checkout-panda.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
promo.checkout-panda.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.228 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.du89buildings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:ac8:b900:2a45:d70f:9818:9c14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:5b1::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-80.prg50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4013:c14::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-26.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f131.1e100.net

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	win4win.ch win4win.ch	7 MB
10	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	6 KB
8	google.com 2 redirects apis.google.com — Cisco Umbrella Rank: 225 www.google.com — Cisco Umbrella Rank: 10 accounts.google.com — Cisco Umbrella Rank: 46 region1.analytics.google.com — Cisco Umbrella Rank: 3773	82 KB
7	du89buildings.com ob.du89buildings.com — Cisco Umbrella Rank: 756513 obs.du89buildings.com — Cisco Umbrella Rank: 626207	154 KB
6	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1235	6 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 1202 tr6.snapchat.com — Cisco Umbrella Rank: 1340	1 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	137 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	164 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	510 KB
5	checkout-panda.ch sdk.checkout-panda.ch promo.checkout-panda.ch	507 KB
4	google.fr www.google.fr — Cisco Umbrella Rank: 16277	254 B
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 252 googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	344 B
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	65 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 176	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1417	25 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	248 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104	21 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110 ajax.googleapis.com — Cisco Umbrella Rank: 641	32 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1413	21 KB
1	esputnik.com esputnik.com — Cisco Umbrella Rank: 66628	12 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	9 KB
1	sibautomation.com sibautomation.com — Cisco Umbrella Rank: 34099
1	win4win-news.com r.win4win-news.com	819 B
119	23

	Domain	Requested by
41	win4win.ch	r.win4win-news.com win4win.ch
10	www.facebook.com	win4win.ch connect.facebook.net
6	ct.pinterest.com	s.pinimg.com sdk.checkout-panda.ch ob.du89buildings.com
6	obs.du89buildings.com	ob.du89buildings.com win4win.ch sdk.checkout-panda.ch
5	analytics.tiktok.com	r.win4win-news.com ob.du89buildings.com analytics.tiktok.com
5	connect.facebook.net	win4win.ch connect.facebook.net
5	www.googletagmanager.com	win4win.ch www.google-analytics.com www.googletagmanager.com ob.du89buildings.com
4	tr.snapchat.com	sc-static.net ob.du89buildings.com win4win.ch
4	www.google.fr	win4win.ch
3	www.google.com	2 redirects win4win.ch
3	promo.checkout-panda.ch	win4win.ch
2	googleads.g.doubleclick.net	2 redirects
2	www.googleadservices.com	1 redirects ob.du89buildings.com
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	s.pinimg.com	win4win.ch s.pinimg.com
2	static.hotjar.com	win4win.ch
2	www.google-analytics.com	win4win.ch www.google-analytics.com
2	apis.google.com	win4win.ch apis.google.com
2	sdk.checkout-panda.ch	win4win.ch ob.du89buildings.com
1	tr6.snapchat.com	sc-static.net
1	sc-static.net	www.googletagmanager.com
1	accounts.google.com	apis.google.com
1	script.hotjar.com	static.hotjar.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	esputnik.com	win4win.ch
1	cdnjs.cloudflare.com	win4win.ch
1	ajax.googleapis.com	win4win.ch
1	fonts.googleapis.com	win4win.ch
1	ob.du89buildings.com	win4win.ch
1	sibautomation.com	r.win4win-news.com
1	r.win4win-news.com
119	33

This site contains links to these domains. Also see Links.

Domain
www.helsana.ch
wa.me
www.facebook.com
pinterest.com

Subject Issuer	Validity	Valid
r.win4win-news.com R11	`2024-07-12` - `2024-10-10`	3 months	crt.sh
sibautomation.com WE1	`2024-08-05` - `2024-11-03`	3 months	crt.sh
win4winbalancer.ch.trendhosting.cloud E5	`2024-08-19` - `2024-11-17`	3 months	crt.sh
*.du89buildings.com Amazon RSA 2048 M03	`2024-06-04` - `2025-07-03`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
sdk.checkout-panda.ch R10	`2024-07-12` - `2024-10-10`	3 months	crt.sh
promo.checkout-panda.ch R10	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.apis.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.esputnik.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-13` - `2024-11-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-03` - `2024-09-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-02` - `2025-08-07`	a year	crt.sh
accounts.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.fr WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.googleadservices.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Frame ID: 4A9005E1F7E0C03E33E586780DD9DCF6
Requests: 113 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2510798
Frame ID: 6F5931AE1BEA1D82238085BDBB707B24
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: EEC2A432EF116850F01CBF5F574D6FC3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c&u_scsid=72e7104b-5f58-4eba-8830-a2ecc833e008&u_sclid=b01cb439-5501-4fd4-a42f-c35657cb3010
Frame ID: 0BCC6EF9C6A7B281A99084C9BD212725
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/login_button.php?app_id=2453031748306293&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49c4af0bd7597061%26domain%3Dwin4win.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwin4win.ch%252Fff180d69aa778b0e3%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey
Frame ID: 00F30008D552968101C86FBDEB9660E7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v5.0/plugins/login_button.php?app_id=2453031748306293&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6b9e2435de88d3a8%26domain%3Dwin4win.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwin4win.ch%252Fff180d69aa778b0e3%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey
Frame ID: 04D4D964E437F489B4AEC669A5DA3A53
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9DA17B527096BB902A5AA0C658C4F4EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Helsana verlost iPhone 15 Pro

Page URL History Show full URLs

http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv HTTP 307
https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv Page URL
https://win4win.ch/wettbewerb/helsana-wettbewerb/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

<meta[^>]*google-signin-client_id
<meta[^>]*google-signin-scope
apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

119
Requests

97 %
HTTPS

53 %
IPv6

23
Domains

33
Subdomains

34
IPs

7
Countries

9495 kB
Transfer

13326 kB
Size

29
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.helsana.ch/de/private.html

Search URL Search Domain Scan URL

URL: https://wa.me/whatsappphonenumber/?text=https://win4win.ch/wettbewerb/helsana-wettbewerb/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?&u=https://win4win.ch/wettbewerb/helsana-wettbewerb/&t=Helsana%20Wettbewerb

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://win4win.ch/wettbewerb/helsana-wettbewerb/&media=https://win4win.ch/wp-content/uploads/2024/06/Beitragsbilder-297p-x-497p-8-297x340.gif&description=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv HTTP 307
https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv Page URL
https://win4win.ch/wettbewerb/helsana-wettbewerb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv HTTP 307
https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv

Request Chain 82

https://www.googleadservices.com/pagead/conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1924463674&crd=CLHBsQIIsMGxAgi5wbECCJvHsQI&pscrd=IhMIgbOM4ryPiAMVYO0RCB3ixA4JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv HTTP 302
https://www.google.com/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1924463674&crd=CLHBsQIIsMGxAgi5wbECCJvHsQI&pscrd=IhMIgbOM4ryPiAMVYO0RCB3ixA4JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnfeBz4z4v0gZgWaxPQSdhzvfN1i8xt4g&random=1903062043 HTTP 302
https://www.google.fr/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1924463674&crd=CLHBsQIIsMGxAgi5wbECCJvHsQI&pscrd=IhMIgbOM4ryPiAMVYO0RCB3ixA4JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnfeBz4z4v0gZgWaxPQSdhzvfN1i8xt4g&random=1903062043&ipr=y

Request Chain 106

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628473700/?random=786420310&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=1082370116.1724565940&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI4p-X4ryPiAMVsjRVCB0LVzcYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv HTTP 302
https://www.google.com/pagead/1p-conversion/628473700/?random=786420310&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=1082370116.1724565940&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI4p-X4ryPiAMVsjRVCB0LVzcYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnf1gRhF4_j4eYI7i8fA2JTmAzVIuOBdQ&random=2798805780 HTTP 302
https://www.google.fr/pagead/1p-conversion/628473700/?random=786420310&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=1082370116.1724565940&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI4p-X4ryPiAMVsjRVCB0LVzcYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnf1gRhF4_j4eYI7i8fA2JTmAzVIuOBdQ&random=2798805780&ipr=y

119 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

7unAP-JwwCCv Show response
r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/
Redirect Chain

http://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv
https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv

671 B
819 B

195ms
67ms

Document
text/html

1.179.112.197
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

1.179.112.197 , France, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

c6ffcf1486c217e3188fe288b8d88aa8ddb757ed7733c5408f0031a9bb0c9687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-length: 671
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 06:05:38 GMT
x-content-type-options: nosniff
x-sib-server: gke-public-cluster-v2-1-179-112-172
x-xss-protection: 1

Redirect headers

Location: https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 cm.html
sibautomation.com/ Frame 6F59 0
0 81ms
33ms Document
text/html 2606:4700:4400::6812:278d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sibautomation.com/cm.html?id=2510798
Requested by: Host: r.win4win-news.com
URL: https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:278d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Sails <sailsjs.com>
Resource Hash

Request headers

Referer: https://r.win4win-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
age: 2
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 8b89643efcae52d5-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 06:05:39 GMT
expires: Sun, 25 Aug 2024 08:05:39 GMT
server: cloudflare
vary: Accept-Encoding
x-powered-by: Sails <sailsjs.com>

GET
H2 200 Primary Request / Show response
win4win.ch/wettbewerb/helsana-wettbewerb/ 71 KB
16 KB 133ms
57ms Document
text/html 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wettbewerb/helsana-wettbewerb/

Requested by

Host: r.win4win-news.com
URL: https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx / PHP/7.4.28

Resource Hash

de50168bdf739fd3af791bb4c463d2386e9c266ef3c6c1033dedcf9695628fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://r.win4win-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 15576
content-type: text/html; charset=UTF-8
date: Sun, 25 Aug 2024 06:05:39 GMT
edit: Set-Cookie (.*) "$1; Secure" Set-Cookie (.*) "$1; HTTPOnly"
etag: "75923-1724331036;br"
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://win4win.ch/wp-json/>; rel="https://api.w.org/" <https://win4win.ch/?p=23696>; rel=shortlink
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
pragma: no-cache
referrer-policy
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-litespeed-cache: hit
x-powered-by: PHP/7.4.28
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 eb440d79bb10219527b9498b0012b9bb.js Show response
ob.du89buildings.com/i/ 470 KB
152 KB 197ms
50ms Script
text/javascript 2600:9000:2057:c400:1d:87b1:e480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:c400:1d:87b1:e480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 6f916c93d60afa8634855848aa4273e8032393562abe6b37f8b4ea5f2d8f4afa

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 24 Aug 2024 18:31:16 GMT
content-encoding: gzip
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA6-C1
age: 41663
etag: "75998-mdNVSUmmDCN9HN5HrsUPwbRwzdk"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 154737
x-amz-cf-id: _Rs3BUOo5HZUO6KISLrB-GHFSwCRm2-BGKYU4-Z7eC72xJ4uFeO90A==
expires: Sun, 25 Aug 2024 06:31:16 GMT

GET
H2 200 style.min.css
win4win.ch/wp-includes/css/dist/block-library/ 95 KB
12 KB 37ms
31ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-includes/css/dist/block-library/style.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 11775
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 12 Jun 2023 08:14:25 GMT
server: nginx
etag: "17ced-6486d3e1-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 classic-themes.min.css
win4win.ch/wp-includes/css/ 291 B
632 B 40ms
33ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-includes/css/classic-themes.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 12 Jun 2023 08:14:25 GMT
server: nginx
etag: W/"123-6486d3e1-0;;;"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 98ms
34ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 05:49:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 06:05:39 GMT

GET
H2 200 bootstrap.min.css
win4win.ch/wp-content/themes/win4win/css/ 152 KB
21 KB 65ms
59ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/bootstrap.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 20900
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "26041-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 fontello.css
win4win.ch/wp-content/themes/win4win/css/ 2 KB
960 B 35ms
29ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/fontello.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

3801892e3e472faf7c234a8cc90981a1c15eba0458cec51274979f51f9ca49ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 469
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "6d7-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 slick.css
win4win.ch/wp-content/themes/win4win/css/ 2 KB
963 B 69ms
63ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/slick.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

81c33672d192732fd5591050eb92255404dec032d950e06340220ce3bd4c1c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 472
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "6c9-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 bootstrap-select.css
win4win.ch/wp-content/themes/win4win/css/ 12 KB
3 KB 38ms
33ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/bootstrap-select.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b14eaeddc99b48d46555f3c800db25b490688ada43b089a3477a633dae9cc56f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 2079
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "2ff4-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 animate.min.css
win4win.ch/wp-content/themes/win4win/css/ 57 KB
4 KB 68ms
62ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/animate.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 4011
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "e311-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 intlTelInput.min.css
win4win.ch/wp-content/themes/win4win/css/ 19 KB
3 KB 37ms
32ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/intlTelInput.min.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

1fbae76075c291126d0358aa627f3001f2624ac8e07ef113a99c6f9758a7c048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 2269
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:25 GMT
server: nginx
etag: "4adb-650c17f9-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 style.css
win4win.ch/wp-content/themes/win4win/css/ 163 KB
22 KB 70ms
65ms Stylesheet
text/css 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/css/style.css?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

41f98207a2bcab9d5f7da91c377ed204bac8cb702530f3b6e564447cfc4a6b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 21649
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 31 Jul 2024 13:30:23 GMT
server: nginx
etag: "28c17-66aa3c6f-0;br"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 105ms
31ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 21 Aug 2024 13:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Aug 2025 13:28:38 GMT

GET
H2 200 js.cookie-2.1.3.min.js Show response
win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/ 2 KB
1 KB 70ms
66ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 832
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 14 Jun 2023 09:55:33 GMT
server: nginx
etag: "6d7-64898e95-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 jquery.bind-first-0.2.3.min.js Show response
win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/ 1 KB
1 KB 70ms
66ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.2.6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 625
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 14 Jun 2023 09:55:33 GMT
server: nginx
etag: "525-64898e95-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 public.js Show response
win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/ 57 KB
9 KB 68ms
64ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=7.2.1.1

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b439917bec713319595d8c307b0498b9e5454447074d60362a0321ab3e97319e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 9135
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 14 Jun 2023 09:55:33 GMT
server: nginx
etag: "e2f4-64898e95-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 public.js Show response
win4win.ch/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/ 10 KB
2 KB 69ms
66ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=2.0.17

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

546563b2127208f386e87a2a9408e8df00c8ead92181e22a6824d823be57827f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 1749
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Wed, 27 Jan 2021 09:13:32 GMT
server: nginx
etag: "28fa-60112ebc-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 w4w.js Show response
sdk.checkout-panda.ch/ 441 B
565 B 375ms
43ms Script
application/javascript 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.checkout-panda.ch/w4w.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: ef32182597ff24ee15b7bea8e09c5e9a325ae31152149ce1908fc584096037ed

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
last-modified: Wed, 20 Apr 2022 07:59:24 GMT
server: nginx/1.20.0
accept-ranges: bytes
etag: "625fbd5c-1b9"
content-length: 441
content-type: application/javascript

GET
H2 200 app.css
promo.checkout-panda.ch/css/ 24 KB
24 KB 303ms
96ms Stylesheet
text/css 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.checkout-panda.ch/css/app.css
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 176c57f5621456e48b9cd437462145b426bdaf91673cec3e6de86b79292380d4

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
last-modified: Tue, 30 May 2023 08:24:38 GMT
server: nginx/1.20.0
etag: "6475b2c6-5ea5"
content-type: text/css
cache-control: no-cache
accept-ranges: bytes
content-length: 24229
expires: Sun, 25 Aug 2024 06:05:38 GMT

GET
H2 200 app.js Show response
promo.checkout-panda.ch/js/ 72 KB
73 KB 304ms
97ms Script
application/javascript 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.checkout-panda.ch/js/app.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: a7fadd48caf40975fd83278c5ffe403f8fb906d35ea0c28fe291348c1cf3ac3f

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
last-modified: Tue, 30 May 2023 08:24:38 GMT
server: nginx/1.20.0
etag: "6475b2c6-121fc"
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 74236
expires: Sun, 25 Aug 2024 06:05:38 GMT

GET
H2 200 chunk-vendors.js Show response
promo.checkout-panda.ch/js/ 299 KB
300 KB 235ms
28ms Script
application/javascript 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://promo.checkout-panda.ch/js/chunk-vendors.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 2c88a11c8087ce4c87d7e6f1fc8bdac822ee09a7400565c058c89e03df8b5c10

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
last-modified: Tue, 30 May 2023 08:24:38 GMT
server: nginx/1.20.0
etag: "6475b2c6-4ad95"
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
content-length: 306581
expires: Sun, 25 Aug 2024 06:05:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 335 KB
112 KB 183ms
99ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-805112524

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fca1eca3767fe91982bb7fbb94921f46677e5911b3ba76b24bc1dac67dad32ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 114750
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:39 GMT

GET
H2 200 google.svg
win4win.ch/wp-content/themes/win4win/images/ 1 KB
1 KB 67ms
65ms Image
image/svg+xml 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/google.svg

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b8e9b6f51f0a6014b39060747a6a7fb66c842442e3f0fa04202df5862665efdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 653
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
etag: "535-650c17f5-0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 facebook.svg
win4win.ch/wp-content/themes/win4win/images/ 842 B
861 B 67ms
65ms Image
image/svg+xml 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/facebook.svg

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

9011cc3e35968d04dcaa3cb8f48afdf51e3cae17e0e631ba5ab019e8f18ae6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 414
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
etag: "34a-650c17f5-0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Bubble-GE.png
win4win.ch/wp-content/themes/win4win/images/ 32 KB
33 KB 34ms
33ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/Bubble-GE.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

45ee22f61a84fb36cce1717c1f08cba04ac6590543cdedee9b691f0e2557d296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 32829
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:23 GMT
server: nginx
etag: "803d-650c17f7-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Background-Image-3200x1040px-63-1.png
win4win.ch/wp-content/uploads/2024/06/ 6 MB
6 MB 33ms
33ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/uploads/2024/06/Background-Image-3200x1040px-63-1.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

eeadabe52147b776a531b385b2af1c633bb67ff8032af5c16f718140cc22f94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 6804062
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 27 Jun 2024 08:31:09 GMT
server: nginx
etag: "67d25e-667d234d-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Background-Image-3200x1040px-63-1-1024x333.png
win4win.ch/wp-content/uploads/2024/06/ 501 KB
502 KB 89ms
89ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/uploads/2024/06/Background-Image-3200x1040px-63-1-1024x333.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b8100300782c3996df589115a277f672d840d7701a8afa6bb22aa985b5812a2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 512844
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 27 Jun 2024 08:31:20 GMT
server: nginx
etag: "7d34c-667d2358-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Banner-Logo-400x342-24-1.png
win4win.ch/wp-content/uploads/2024/06/ 16 KB
16 KB 156ms
152ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/uploads/2024/06/Banner-Logo-400x342-24-1.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

53f62af044f11f04fd583b5e6af56516d898e3e8de0bc5db656cbd0926530af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 16372
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 27 Jun 2024 08:07:36 GMT
server: nginx
etag: "3ff4-667d1dc8-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 safebrowsing-logo.svg
win4win.ch/wp-content/themes/win4win/images/ 1 KB
1 KB 154ms
150ms Image
image/svg+xml 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/safebrowsing-logo.svg

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

f040e77b8264be8887ce6b69b83480c46926230d99d844a5ffc1893b5c9dc748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 664
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
etag: "5c9-650c17f4-0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 logo.png
win4win.ch/wp-content/themes/win4win/images/ 12 KB
12 KB 155ms
150ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/logo.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

2514c6c83638d066a64044f01a050a9f6a40e34d4f28b88bbe002e605d53e503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 11985
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:21 GMT
server: nginx
etag: "2ed1-650c17f5-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 contacts-send.png
win4win.ch/wp-content/themes/win4win/images/ 10 KB
10 KB 155ms
151ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/contacts-send.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

7555e222251b2447fb5904611f5543f0335765a95807cea8ec3df992dd97142a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 9780
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:21 GMT
server: nginx
etag: "2634-650c17f5-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 ok.png
win4win.ch/wp-content/themes/win4win/images/ 630 B
1 KB 155ms
151ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/ok.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

46977089b698cb83d11e559cea0366e56bfc0328611fb4d6ee885884c652bcc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 630
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:20 GMT
server: nginx
etag: "276-650c17f4-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 platform.js Show response
apis.google.com/js/ 55 KB
22 KB 131ms
45ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f6a762a7e6247be81722a92c5c7ecb3fb7336b8126a97c5863286ee4090fe03

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 06:05:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21629
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "df3535a04293effe"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Aug 2024 06:05:39 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
971 B 113ms
49ms Script
text/javascript 142.250.184.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f4.1e100.net

Software

ESF /

Resource Hash

34460dcaea00c8a53d84b7d6e630deef8cb1dd07e9c99420f178c56b37727253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
expires: Sun, 25 Aug 2024 06:05:39 GMT

GET
H2 200 poper.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 20 KB
7 KB 80ms
73ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/poper.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b1a358fb3138ddc55239faf121e297470da161e6c1d0bee44079ebb7a8a754c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 7152
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "51e9-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 bootstrap.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 57 KB
15 KB 81ms
74ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/bootstrap.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

61ac8d1132905ced04a756b27b2b9149ed4cc35ac9cb04c9b24606d02f7b2bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 14741
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "e2b5-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 slick.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 42 KB
10 KB 81ms
75ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/slick.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 10097
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "a76f-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 clipboard.min.js Show response
win4win.ch/wp-includes/js/ 9 KB
3 KB 81ms
75ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-includes/js/clipboard.min.js?ver=2.0.11

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 2989
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 12 Jun 2023 08:14:25 GMT
server: nginx
etag: "2331-6486d3e1-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 bootstrap-select.js Show response
win4win.ch/wp-content/themes/win4win/js/ 109 KB
24 KB 82ms
75ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/bootstrap-select.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

5358d52e0c51328692627f14b34cb706b8426b1bc4281ab55dd06b01fcbdc76d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 24261
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "1b39d-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 jquery.validate.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 24 KB
8 KB 80ms
74ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/jquery.validate.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 7569
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "5f38-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 wow.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 8 KB
3 KB 81ms
75ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/wow.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 2572
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "20df-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 uploadPreview.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 1 KB
1017 B 81ms
75ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/uploadPreview.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

e294e848e32473a56985bd55d8b084fb501a8fe4f66b0e11597870e711804ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 515
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "4f5-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 sticky-kit.min.js Show response
win4win.ch/wp-content/themes/win4win/js/ 3 KB
2 KB 82ms
77ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/sticky-kit.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

753b6da6d4ab99217d7b21623591f3b3e4b54c712f01fb80d898a412a6ad502f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 1205
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:14 GMT
server: nginx
etag: "b19-650c17ee-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H3 200 intlTelInput-jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/ 28 KB
9 KB 57ms
31ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/16.0.8/js/intlTelInput-jquery.min.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ecb6f95059703c992766b3b3ceef6c17b31e3a5c648343e069d637b746933d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3251392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8933
last-modified: Mon, 04 May 2020 16:11:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea6-7134"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jLYynmKtvFM9kvJVcLP83uOWkNAKHE5lNxdj3CU%2FRvHljRKd1WHm%2BdpEb5HrFDOUbe%2B%2FzVcyK78%2FJZwznhpcB%2BHLfpwxiN5DUIX5fuxeCMzYBnYqr3248r5%2FbkagBm8yBMLtJg8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b8964430f0cd6d2-CDG
expires: Fri, 15 Aug 2025 06:05:39 GMT

GET
H2 200 script.js Show response
win4win.ch/wp-content/themes/win4win/js/ 41 KB
7 KB 81ms
76ms Script
application/x-javascript 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/js/script.js?ver=1724331036

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b63d4fba35ebc3fa5ed0bf3b04b8bff0694c39ac41569552142036a0b5ace965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 6462
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Mon, 12 Aug 2024 14:57:36 GMT
server: nginx
etag: "a405-66ba22e0-0;br"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 262 KB
89 KB 127ms
44ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBGQV67

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d868e8f60da7be6c160c964a5c47ed02e409abf0f9c13b65a15840bf32d717a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 109ms
26ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 05:15:05 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3034
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 25 Aug 2024 07:15:05 GMT

GET
H2 200 hotjar-1769474.js Show response
static.hotjar.com/c/ 11 KB
5 KB 122ms
38ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1769474.js?sv=5

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

047d84c27851de37909199aa500b248940b50d806497197d405d0398c1f22740

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/7309c59249d3a780bec2ab2943111fe2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: QExSTfaMzVnuW9IC0n1tXQAEnpPqJWZA9niaaWSqwO7okxIpZYNagw==

GET
H2 200 ct Show response
obs.du89buildings.com/ 4 KB
2 KB 371ms
124ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/ct?id=52974&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1724565939642&hl=2&op=0&ag=1074146904&rand=632171109219150129291591229878201380053085218755159911221570840808028100629712220596&fs=1600x1200&fst=1600x1200&np=linux%20x86_64&nv=google%20inc.&ref=https%3A%2F%2Fr.win4win-news.com%2F&ss=1600x1200&nc=0&at=&di=W1siZWYiLDczMTNdLFsiYWJuY2giLDFdLFstMzUsIlsxNzI0NTY1OTM5NjAyLC0yXSJdLFstMzgsImwsLTEsLTEsNSwwLDAsMCw5LDY3LDYwLC0xLDAsLCw1MjYsNTI2Il0sWy00MSwiLSJdLFstNDQsIjAsMCwwLDUiXSxbLTUwLCItIl0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZGZYQmtSVVUxTlNVb0RGaFpXV3hkZFRBRUFXMHhRVlYxUVYxNUtGMXBXVkJaUUZseGJEUTBKWFE0QVcxc0lDUXNJQUF3TERsc0FEUUFCV3drSkNBdGJBRnRiRjFOS0F3Z0REdzRPREFrUUZWaE5HVXNaRVZGTlRVbEtBeFlXVmxzWFhVd0JBRnRNVUZWZFVGZGVTaGRhVmxRV1VCWmNXdzBOQ1YwT0FGdGJDQWtMQ0FBTUN3NWJBQTBBQVZzSkNRZ0xXd0JiV3hkVFNnTUlBdzRJQ1E9PSJdLFstNjIsIjgwIl0sWy0xLCItIl0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy02LCItIl0sWy0xNSwiLSJdLFstMTcsIjgiXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yNCwiW10iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstNDgsIjAsMCJdLFstNTUsIjIiXSxbLTU5LCJkZWZhdWx0Il0sWy0yLCItIl0sWy03LCItIl0sWy0yMywiKyJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTYxLCJ7XCJ3Z3NsXCI6XCI0O3JlYWRvbmx5X2FuZF9yZWFkd3JpdGVfc3RvcmFnZV90ZXh0dXJlcztwYWNrZWRfNHg4X2ludGVnZXJfZG90X3Byb2R1Y3Q7dW5yZXN0cmljdGVkX3BvaW50ZXJfcGFyYW1ldGVycztwb2ludGVyX2NvbXBvc2l0ZV9hY2Nlc3M7XCIsXCJwY2ZcIjpcImJncmE4dW5vcm1cIn0iXSxbLTY0LCJbMCxcIlwiLFtdXSJdLFstMTIsIm51bGwiXSxbLTIxLCItIl0sWy0zMiwiLSJdLFstNTgsIi0iXSxbLTY2LCJnZW9sb2NhdGlvbixzdG9yYWdlYWNjZXNzLGdhbWVwYWQsY2hlY3QsbWlkaSxkaXNwbGF5Y2FwdHVyZSx1c2IsbG9jYWxmb250cyxwaWN0dXJlaW5waWN0dXJlLGpvaW5hZGludGVyZXN0Z3JvdXAscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsYnJvd3Npbmd0b3BpY3Msb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxzaGFyZWRzdG9yYWdlLGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sc2hhcmVkc3RvcmFnZXNlbGVjdHVybCxneXJvc2NvcGUsaW50ZXJlc3Rjb2hvcnQsY2h1YW1vYmlsZSx3aW5kb3dtYW5hZ2VtZW50LGNodWEscHVibGlja2V5Y3JlZGVudGlhbHNjcmVhdGUscnVuYWRhdWN0aW9uLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxjaHVhZm9ybWZhY3RvcnMsaWRsZWRldGVjdGlvbixjaHVhcGxhdGZvcm12ZXJzaW9uLGNod2lkdGgsY2xpcGJvYXJkcmVhZCxjaHZpZXdwb3J0d2lkdGgsY29tcHV0ZXByZXNzdXJlLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxwcml2YXRlYWdncmVnYXRpb24sY2xpcGJvYXJkd3JpdGUsYXR0cmlidXRpb25yZXBvcnRpbmcsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstNjcsIi0iXSxbLTQsIi0iXSxbLTEzLCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTM2LCJbXCI0LzNcIixcIjQvM1wiXSJdLFstNjAsIi0iXSxbLTgsIi0iXSxbLTQ1LCItIl0sWy01MSwiLSJdLFstNjgsIi0iXSxbLTUsIi0iXSxbLTEwLCItIl0sWy0yMCwiLSJdLFstMzQsIi0iXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjI0MDE3MTE1MDRcIl0sXCJkXCI6W10sXCJzXCI6MX0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMjksIi0iXSxbLTMzLCItIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy00NywiLSJdLFstNjUsIi0iXSxbLTksIisiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbOTgwLDk4MCw5ODAsOTgwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjg1LDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTI3LCJbNTAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTUzLCIxMDAiXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy0xNCwiLSJdLFstMTYsIjAiXSxbLTI2LCJ7XCJ0amhzXCI6ODAwNTExNixcInVqaHNcIjo1MzIyNzg4LFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy0zOSwiW1wiMjAwMzAxMDdcIiwyLFwiR2Vja29cIixcIk5ldHNjYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDUsdHJ1ZSx0cnVlLG51bGwsMCx0cnVlLHRydWVdIl0sWy00NiwiMCJdLFstNjMsIjAiXSxbImJuY2giLDExMF0sWy0yNSwiLSJdLFstMjgsImVuLVVTLGVuIl0sWy00MCwiMzMiXSxbLTQ5LCItIl0sWy01MiwiLSJdLFstNjksIi0iXSxbImRkYiIsIjAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCw5LDMsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwxLDEsMiwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDMsMCwwLDAsMSwwLDAsMCwwLDAsMCwwIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=1dB7vkoIa7&pto=568&ver=61&gac=-&mei=&ap=&fe=1&duid=1.1724565939.Yrp2HKYmulmr3S51&suid=1.1724565939.U71rHInfffud6Qbr&tuid=1.1724565939.W00EI6RZlrLKScCU&fbc=-&gtm=W10%3D&it=23%2C145%2C305&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-&io=Ojk2Oi0%2BOTY6LSY5NjstJj8%2BNjstJj88NjstJj8yNjstJj46NjstaGA2Oi1uc2hKeHJlaDY6LWVkbXk2Oi17c2w2Lj5JZGlhbmh%2FLjk7RGlhbmh%2FLj5P
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 476b2ba6f156ab10a411a7201640acbf2383ef69944e6394a7f8725222438a73

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: https://win4win.ch
content-length: 1365
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scripts Show response
esputnik.com/scripts/v1/public/ 39 KB
12 KB 187ms
80ms Script
application/javascript 2a05:d018:ac8:b900:2a45:d70f:9818:9c14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWE2Yjg1YmQ1YmU3YTFkMzg0NWRiOTkyZWE1NGU3YTlmOGY0NTAzMjNlZmYwMzAwZWZiZWYyNDJhMTE3N2UzZDgyN2RhMmQwM2E0YmIwNTU3MzQ3N2JjYWYyMjA1ZDIzNTFmYzYxNGIzYzBhOTMzMzA3ZDY2NGNiNzI1ZTk3YmU3OTM0OTExMDI4MmU1OWQ5ZDFlNjI1YWZiMDNhYjkyZGMifQ.W_zZgG1FCQ8mAi_R7HtSQLH8Soh4IwkvhG7gL8DuMPulo9K5pnkOyUHKtbaQSJU4NqYiZSLn2H3mPzrJQdSkGQ&domain=AAB37FE6-426D-47BE-B00E-32EA03B61192

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:ac8:b900:2a45:d70f:9818:9c14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e71ea0e0b3afe1fbcecccf194b54de5d0741c9889ce6c76f6b6ac00f8d2bdfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
expires: Sun, 25 Aug 2024 06:10:39 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 99ms
42ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 06:05:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 30
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4291, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: +zu03E16zO9QiE3mRnyRlQdOB4q8d5V/Sc6WTma95QsWZ7qV1gYLL7iMOp4COZZKgNr4zf4K1px6Vb36TE8f9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-3790757.js Show response
static.hotjar.com/c/ 11 KB
5 KB 66ms
38ms Script
application/javascript 18.66.102.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3790757.js?sv=6

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-11.fra56.r.cloudfront.net

Software

Resource Hash

6f12865fd04625331257e28d725dd0bb71426f9c16568997f57e0d794966cd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/9ae54829abc75270fd077df77727629d
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: QL4wPNycLjtBpADOqAe4C_CqerVa6AOcz68kN9OHCmmRDBYh5IZmFg==

GET
H2 200 Banner-Logo-400x342-24-1.png
win4win.ch/wp-content/uploads/2024/06/ 16 KB
0 156ms
156ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/uploads/2024/06/Banner-Logo-400x342-24-1.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

53f62af044f11f04fd583b5e6af56516d898e3e8de0bc5db656cbd0926530af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"
date: Sun, 25 Aug 2024 06:05:39 GMT
referrer-policy
x-content-type-options: nosniff
last-modified: Thu, 27 Jun 2024 08:07:36 GMT
server: nginx
etag: "3ff4-667d1dc8-0;;;"
content-type: image/png
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16372
x-xss-protection: 1; mode=block
expires: Mon, 25 Aug 2025 06:05:39 GMT

GET
H2 200 google.svg
win4win.ch/wp-content/themes/win4win/images/ 1 KB
0 2ms
1ms Image
image/svg+xml 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/google.svg

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b8e9b6f51f0a6014b39060747a6a7fb66c842442e3f0fa04202df5862665efdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 653
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
etag: "535-650c17f5-0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 facebook.svg
win4win.ch/wp-content/themes/win4win/images/ 842 B
0 2ms
2ms Image
image/svg+xml 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/facebook.svg

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

9011cc3e35968d04dcaa3cb8f48afdf51e3cae17e0e631ba5ab019e8f18ae6b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 414
x-xss-protection: 1; mode=block
referrer-policy
server: nginx
etag: "34a-650c17f5-0;br"
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 Bubble-GE.png
win4win.ch/wp-content/themes/win4win/images/ 32 KB
0 2ms
2ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/Bubble-GE.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

45ee22f61a84fb36cce1717c1f08cba04ac6590543cdedee9b691f0e2557d296

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"
date: Sun, 25 Aug 2024 06:05:39 GMT
referrer-policy
x-content-type-options: nosniff
last-modified: Thu, 21 Sep 2023 10:16:23 GMT
server: nginx
etag: "803d-650c17f7-0;;;"
content-type: image/png
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 32829
x-xss-protection: 1; mode=block
expires: Mon, 25 Aug 2025 06:05:39 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 121ms
41ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800&display=swap&ver=6.2.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win4win.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:47:59 GMT
x-content-type-options: nosniff
age: 400660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Aug 2025 14:47:59 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc52a1b197d39b12ee2340c85f7e2c5560cb7ff9262f760e78a60227dbf9c234

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.MtA0XocprA0.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo90Qw_OxY6asHlYoeK8rr6SbH-ghg/ 173 KB
60 KB 36ms
28ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.MtA0XocprA0.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo90Qw_OxY6asHlYoeK8rr6SbH-ghg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b65e5cd6afcb656302e8ea12209515c350feb3c2596dd1bbebc0a65194813d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 20 Aug 2024 14:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60662
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 18:55:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Aug 2025 14:08:20 GMT

GET
H2 200 recaptcha__fr.js Show response
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 539 KB
215 KB 122ms
40ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__fr.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90b093d0632304ca9774e284386055b0ed71a42c06749090619f15977999e32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
Origin: https://win4win.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 18:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 473780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 219419
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 04:00:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Aug 2025 18:29:19 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 35ms
34ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: win4win.ch
URL: https://win4win.ch/wp-content/themes/win4win/js/script.js?ver=1724331036

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

9f8fdf924a95b17a65177aa5aa4b8e0279dd3e1a3033ea3500b7793af46a1b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 06:05:39 GMT
content-md5: 2ABCsX3BVWCVYlhp8v+0Xg==
document-policy: force-load-at-top
x-fb-server-load: 50
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=66, mss=1232, tbw=66899, tp=62, tpl=0, uplat=0, ullat=-1
x-fb-debug: gy4UZAilHPagwGF/RQdfCmpanRg7Sl+HpCZWQLaRppeWTpHfNtZBPq3x2iOhON9RSJwx85YWW37lpE12KWLOGg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: bb11590436eda5fe04a62750e23caab5
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "8e20d2f5c7e16f4dadd76bb196c23184"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 25 Aug 2024 06:19:49 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 137ms
23ms Script
application/javascript 2a02:26f0:480:5b1::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: win4win.ch
URL: https://win4win.ch/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=2.0.17
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:5b1::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 98ea26191ffc6155103762f2a7205b0b1af5f0e8d4e26cb4b539e581e2e48686

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "e5ca9645e8d8c8a937d77f8658e7bab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1880

GET
H2 200 fontello.woff2
win4win.ch/wp-content/themes/win4win/fonts/fontello/ 5 KB
5 KB 128ms
127ms Font
application/font-woff2 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/fonts/fontello/fontello.woff2?54489214

Requested by

Host: win4win.ch
URL: https://win4win.ch/wp-content/themes/win4win/css/fontello.css?ver=6.2.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

b5c2c907dbb18de704c191d9bcd96b9e296715948ab9ccbb634b9fa27a93012b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wp-content/themes/win4win/css/fontello.css?ver=6.2.6
Origin: https://win4win.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
referrer-policy
x-content-type-options: nosniff
server: nginx
etag: "1238-650c17f9-0;;;"
content-type: application/font-woff2
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4664
x-xss-protection: 1; mode=block
expires: Mon, 25 Aug 2025 06:05:39 GMT

GET
H2 200 flags.png
win4win.ch/wp-content/themes/win4win/images/ 69 KB
70 KB 128ms
128ms Image
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://win4win.ch/wp-content/themes/win4win/images/flags.png

Requested by

Host: win4win.ch
URL: https://win4win.ch/wp-content/themes/win4win/css/intlTelInput.min.css?ver=6.2.6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wp-content/themes/win4win/css/intlTelInput.min.css?ver=6.2.6
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:39 GMT
date: Sun, 25 Aug 2024 06:05:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 70857
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:21 GMT
server: nginx
etag: "114c9-650c17f5-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

GET
H2 200 modules.8da33a8f469c3b5ffcec.js Show response
script.hotjar.com/ 223 KB
56 KB 159ms
39ms Script
application/javascript 65.9.95.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8da33a8f469c3b5ffcec.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1769474.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-80.prg50.r.cloudfront.net

Software

Resource Hash

76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 14:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
age: 2216553
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56385
last-modified: Tue, 30 Jul 2024 14:22:40 GMT
etag: "0728625a147ca79276a1790b9cf3175d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4a-cWvfeSimuUdW_wfLSFsUSjUAd9PVFcDa3LbxVrQfcdNNB5t6fLg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
218 B 44ms
44ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1599243711&t=pageview&_s=1&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&dr=https%3A%2F%2Fr.win4win-news.com%2F&ul=fr-fr&de=UTF-8&dt=Helsana%20verlost%20iPhone%2015%20Pro&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1612362234&gjid=1024460292&cid=2108121940.1724565940&tid=UA-98379578-2&_gid=1123969984.1724565940&_r=1&_slc=1&z=1862506372

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

62da855e1370b3f736975cc1da5a0906a391c374d24febdfdb17c0dad4a062a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 920079845401155 Show response
connect.facebook.net/signals/config/ 72 KB
14 KB 92ms
91ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/920079845401155?v=2.9.165&r=stable&domain=win4win.ch&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

959fb278a61b3a670f053b53771f696c936ab8c14a9fb87c2caeb383a5c4f7fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 06:05:39 GMT
document-policy: force-load-at-top
x-fb-server-load: 23
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=70, mss=1232, tbw=69155, tp=67, tpl=0, uplat=60, ullat=0
pragma: public
x-fb-debug: OBF4htaeFuTS5Et7WDmcdjpSUP0N18l1gINxGKei4hb++IOgjwAQZYGmLvK7gI0uRCV2WEqeSVdIxMvTrz6jSw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 56ms
29ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d5a6283b0b016e705bdcaad53f08420b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

f9437f01848605b1eb0a0e0e630556eceb8322283898249f9acf1f7a899d14a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://win4win.ch/
Origin: https://win4win.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 25 Aug 2024 06:05:39 GMT
content-md5: jCOnqxJQHKk0KLgujLSNXA==
document-policy: force-load-at-top
x-fb-server-load: 47
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89221
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=4327, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug: XHRbEhz1nX+9u03rcZ2++6k/53Llko+pwGhF8NGIWXHvrtF00mIybbt3A8Z4UK5Uzu+zojpG0DZKRidWG6jICg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 5e6420ddd289d08f59c7f6e15ed90f7f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "d8863ac632dbe9a3b530aeb5476053a0"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 25 Aug 2025 04:39:23 GMT

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame EEC2 0
0 185ms
51ms Document
text/html 2a00:1450:4013:c14::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.MtA0XocprA0.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo90Qw_OxY6asHlYoeK8rr6SbH-ghg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c14::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-Msgla2cJ6wwHoaPp8WTHbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-Msgla2cJ6wwHoaPp8WTHbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 06:05:40 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzj8tHikmJw0pBikPj6kkkNiJ3SZ7AGALFP_QzWKCBuvXmOdTIQW988z5r07zxrARAvibjIeiDxIquhwiVWeyBW7bnEagzEQtwcWyav3sYmMKP7mI6SWlJ-YXxmSmpeSWZJpW5-YmlJhm5GSUlBvJGBkYmBhaGFnoFFfIEBAMr1MMU"
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 339 KB
114 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YBNHKJ18XT&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30770c8e5b57d21cf5746da2525f0bd46b0ded78df5ab461ec4666b0c73d9dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 116475
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 321 KB
105 KB 60ms
59ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V0NHQB0T8H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBGQV67

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d6af0285b36e4227b62a05dba2a0ca9c6579d93ac1a5bb1791225ba4eb253979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 107280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:40 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 49 KB
21 KB 126ms
44ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBGQV67
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2af0f5c12099fb857aeda94a926b0ab19f253b649b4b159f04f0f9e342de2d9f

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: gzip
via: 1.1 9af44e4af2b7b71defce07d7848eb368.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR5-P5
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 21282
x-amz-cf-id: _pyvTUVHEpB5kbV4jlfNuA5T044IAOTdKuGYl749yDuGnKf7ERnLzw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 258ms
122ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CP85PDBC77UBS72H2H0G&lib=ttq
Requested by: Host: r.win4win-news.com
URL: https://r.win4win-news.com/mk/cl/f/sh/7nVU1aA2nfuMRqUiqL4EIZa5JqfWVYg/7unAP-JwwCCv
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9886b53b6bd57360fe670d13ad0599487f8c0f2cfa1f8aa5adfa1deebe3b2d05

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 341079
date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2408250605401C179B11DD74C6EBA139-0BB4DB838C8BF869-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=6, cdn-cache; desc=MISS, edge; dur=0, origin; dur=96
content-length: 2036
pragma: no-cache
server: nginx
x-tt-logid: 202408250605401C179B11DD74C6EBA139
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 96,2.20.179.90
x-tt-trace-host: 01668225b9d696caafcca6e2035ca1f2219fa322956fcc9567a0f2f1fa6e07c1dad86fa58c0e6754d8cdedcc03354289ca7bbb76b477607786f243d905a09d727b335de97922a822e61e6da7ea828af1a8dd52724b4f79aba75e6fcefb76b509ae
expires: Sun, 25 Aug 2024 06:05:40 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 95ms
23ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YBNHKJ18XT&gtm=45be48l0v9125827129za200&_p=1724565939242&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2108121940.1724565940&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724565940&sct=1&seg=0&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&dr=https%3A%2F%2Fr.win4win-news.com%2F&dt=Helsana%20verlost%20iPhone%2015%20Pro&en=page_view&_fv=1&_ss=1&_ee=1&tfd=970
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-805112524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 113ms
38ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YBNHKJ18XT&cid=2108121940.1724565940&gtm=45be48l0v9125827129za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-805112524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fr/ads/ 42 B
63 B 93ms
43ms Image
image/gif 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YBNHKJ18XT&cid=2108121940.1724565940&gtm=45be48l0v9125827129za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=1072501728

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.1b182128.js Show response
s.pinimg.com/ct/lib/ 81 KB
23 KB 37ms
35ms Script
application/javascript 2a02:26f0:480:5b1::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:5b1::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6515981ad814530ea37bc6838f8d8cc3074eaf22dffef1b8f207959afd0a492b

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "2ede1d70eab18c6ab52837a878fb9264"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 23553

GET
H3 200 587343958853100 Show response
connect.facebook.net/signals/config/ 23 KB
3 KB 100ms
99ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/587343958853100?v=2.9.165&r=stable&domain=win4win.ch&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C130%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C123%2C124%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

0bc4f2cb356a0002f323557c757d91e3ad56ac5a91c141e881217a1305aa51e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 06:05:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=82, mss=1232, tbw=84563, tp=84, tpl=0, uplat=69, ullat=0
pragma: public
x-fb-debug: FC7qP/iySXL1g/Y/f5ySShmGF+DQKjrGf5RtvA2QE+tD5Uq13hf9h7VtvNfI1ZMjM0MgISaClkr7wOlH+MNPUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 114ms
31ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=920079845401155&ev=PageView&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565940144&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=12318&fbp=fb.1.1724565940141.131990136145366172&cs_est=true&ler=other&cdl=API_unavailable&it=1724565939861&coo=false&rqm=GET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=10, mss=1297, tbw=2828, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 06:05:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 291ms
208ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=920079845401155&ev=PageView&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565940144&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=12318&fbp=fb.1.1724565940141.131990136145366172&cs_est=true&ler=other&cdl=API_unavailable&it=1724565939861&coo=false&rqm=FGET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 06:05:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954312686494604", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1297, tbw=3571, tp=-1, tpl=-1, uplat=182, ullat=0
pragma: no-cache
x-fb-debug: NNrAcBdvowL1Q7V1G7T+mQ4xnK7YpdAB/5KNiHdbjeSHPrW68fr3VWtu61V1nNW5PJaVR7yKeOA3IJCPbpm/8g==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954312686494604"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
91 KB 53ms
51ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-628473700&l=dataLayer&cx=c

Requested by

Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4be63fcb5ab37a994c2045aa99c97ddf01df2376326e36ac3e6ef078da284523

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 06:05:40 GMT

GET
H3

200

/
www.google.fr/pagead/1p-conversion/628473700/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1924463674&crd=CLHBsQIIsMGxAgi5wbECCJvHsQI&psc...
https://www.google.com/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1924463674&crd=CLHBsQIIsMGxAgi5wbECCJvHsQI&pscrd=IhMIgbOM4ryPiAMVYO...
https://www.google.fr/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1924463674&crd=CLHBsQIIsMGxAgi5wbECCJvHsQI&pscrd=IhMIgbOM4ryPiAMVYO0...

42 B
64 B

38ms
38ms

Image
image/gif

172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1924463674&crd=CLHBsQIIsMGxAgi5wbECCJvHsQI&pscrd=IhMIgbOM4ryPiAMVYO0RCB3ixA4JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnfeBz4z4v0gZgWaxPQSdhzvfN1i8xt4g&random=1903062043&ipr=y

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fr/pagead/1p-conversion/628473700/?label=rsGbCJeb6okZEOT-1qsC&guid=ON&script=0&ct_cookie_present=false&random=1924463674&crd=CLHBsQIIsMGxAgi5wbECCJvHsQI&pscrd=IhMIgbOM4ryPiAMVYO0RCB3ixA4JMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnfeBz4z4v0gZgWaxPQSdhzvfN1i8xt4g&random=1903062043&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
obs.du89buildings.com/tracker/ 43 B
102 B 113ms
111ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.du89buildings.com/tracker/tc_imp.gif?e=37dfbd8ee84e001268eac233ef4e89949225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5b13846a2317071a10acf9f29f674183848d552f371caf70220d823b8a65c10461002ac501095b34525ecfbf3e1b77be26bb25cb43e2913bf05365a80c797a1bda53ec4ef4c3d6da39bb2807ff7ecaa8556d8e0e3143714493d60265f460b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c44ca4825b6a3e5aa22a76da50eda7cf54a6863c89777256e1d0cd71ed0d906f50732e690b73255015ab2fb523c9bdc05457f54065258fcd135700e5fe6a5142c93aaf7268ee04572032cbbc5f4c2c935e7c2db59ec489f5e2c7edfaacff4e43e82d9b36895360f83f8cf794911fe616fafc14231ea8af37cd955f747e0d7189449d9d36d9a6d279c9822dd6699cefab6cdb3f11338ae6bf2fbb9234e2bfb8a3d94f31bed5b1559c81a0fc19483cfd4fb95308520d790a48b74ed336e33926e2b9381965e279da83deb07e0d315c539ef6d454845c13aff558d96f531f886789f5cc3bf9c95278e191c3eb31e03503e112d89ec73b341d3dc9723b5de3dbd9a3acc90f8a630c2a0ab4a6d72defc554894bb0e4f13b8edef3bbb2886f80fb7f224a06ebc23cb02924d80f9789e4579f6a480382d2372547b78004effbfc8158610bd57535135eae21dacc44159a0fca6eeae66d0f0f6e094baf3e341243ff84e9ab55b689f42651bd76341706cf67bac6a18c2ebc1659661d7258bac30ccb80d9a7b132020027f1280c1e4db387d4999045896dbdaa7adc9540c82adbc7e94d36e7dd8d37f207badd4800233bd3584419e1de13b9e14dec110f1a45ba0db8aaae32e3faabc66218115a38ca2b704df296d42179e7a424eb0a45d8be912cf9098c14aa8808671764e19e86bfd40fe53d3d32b842e51650463296deb488f9f3252bb6bc5a1f03cdac653eb7473da687a4ef5b49376218d2286eb02c61573401cae3147efb3c52a8f0e2c90840fb38b8cbbd13e850e04664cad294707cbc95302a836e5e2d379da91fe045e7fab763248599e055ae785fc584cc52063d9948448d5c6fa921b30b030a71535159f1f3175d4cc161ec885b694f0b810e233ba7c8a6692cd10ceede4396eb9d352c89fa2a095b0c4c735448ee123498966d173dd2cbdbb78f396938263b8d084a4b81336&cri=1dB7vkoIa7&ts=546&cb=1724565940188
Requested by: Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.js Show response
sdk.checkout-panda.ch/ 110 KB
110 KB 38ms
38ms Script
application/javascript 46.101.217.240
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565940197
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.101.217.240 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.20.0 /
Resource Hash: 2c558433f31467de73d0da85a16fe44db6a58f9cfccbd0061ad4d4ff6cb51f3f

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
last-modified: Wed, 20 Apr 2022 07:59:24 GMT
server: nginx/1.20.0
accept-ranges: bytes
etag: "625fbd5c-1b813"
content-length: 112659
content-type: application/javascript

GET 7fcba399-34ab-49fe-a2c4-9b3285f70570
https://win4win.ch/ Frame 0
0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 254ms
252ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-V0NHQB0T8H&gtm=45je48l0v9116050500z8831758034za200zb831758034&_p=1724565939242&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=2108121940.1724565940&ul=fr-fr&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1724565940&sct=1&seg=0&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&dr=https%3A%2F%2Fr.win4win-news.com%2F&dt=Helsana%20verlost%20iPhone%2015%20Pro&en=page_view&_fv=1&_ss=1&tfd=1188
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V0NHQB0T8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
45 B 36ms
34ms Ping
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V0NHQB0T8H&cid=2108121940.1724565940&gtm=45je48l0v9116050500z8831758034za200zb831758034&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V0NHQB0T8H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win4win.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.fr/ads/ 42 B
63 B 63ms
63ms Image
image/gif 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V0NHQB0T8H&cid=2108121940.1724565940&gtm=45je48l0v9116050500z8831758034za200zb831758034&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=2028852999

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
332 B 135ms
47ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2614044924560&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&cb=1724565940288&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 0
alt-svc: h3=":443";ma=600
x-pinterest-rid: 6532348727008911
content-length: 188
pin-unauth: dWlkPU0yTmpOalppWkdNdE1UWTNZUzAwTWpoaUxUZzRNMkl0WVRRMlltWmlOMkV6T0RJNA
pragma: no-cache
referrer-policy: origin
x-pinterest-rid-128bit: 617ba9b993823f9e5aa7908eae575f3f
content-type: application/json; charset=utf-8
access-control-allow-origin: https://win4win.ch
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 325 B
671 B 133ms
46ms XHR
application/json 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=GeneralEvent&ed=%7B%22domain%22%3A%22win4win.ch%22%2C%22user_roles%22%3A%22guest%22%2C%22plugin%22%3A%22PixelYourSite%22%2C%22event_id%22%3A%22864e9c6b-347f-4af1-aeb7-29178c7fc74b%22%7D&tid=2614044924560&cb=1724565940290&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1327911107432014
content-length: 188
pin-unauth: dWlkPVpEazNPRGxsWW1VdE1UTTRPUzAwTVRjeUxXRTVNR1V0T1RFeU5HUTJaVEF4WW1VeA
pragma: no-cache
referrer-policy: origin
x-pinterest-rid-128bit: 17d85e0a0c99bbfeb848e12a95ceded5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://win4win.ch
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
207 B 129ms
47ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2614044924560&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fr.win4win-news.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%221b182128%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1724565940295
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.1b182128.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
referrer-policy: origin
x-cdn: fastly
x-pinterest-rid-128bit: 1cebc7391797ade7ac5fb73199873f3e
content-type: image/gif
access-control-allow-origin: https://win4win.ch
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1242084772096817
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c.json Show response
tr.snapchat.com/config/ch/ 263 B
545 B 237ms
128ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/ch/1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c.json?v=3.25.1-2408082241

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

fed188be9388b5012169ecb411b4f769de8e30be8c10f0d9c17ba9329760c7ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept: application/json
Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
observe-browsing-topics: ?1
content-type: application/json
access-control-allow-origin: https://win4win.ch
x-envoy-upstream-service-time: 100
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 263

GET
H2 200 i
tr.snapchat.com/cm/ Frame 0BCC 0
0 129ms
29ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c&u_scsid=72e7104b-5f58-4eba-8830-a2ecc833e008&u_sclid=b01cb439-5501-4fd4-a42f-c35657cb3010

Requested by

Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 25 Aug 2024 06:05:40 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
443 B 132ms
28ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c&ev=PAGE_VIEW&intg=gtm&pids=1cdb7c83-6b94-4de3-8d9d-6a5c277bfa5c&u_c1=e73e4db7-8399-4287-ab59-d54b91141842&cdid=%40-42c10177-6964-4e71-9fb6-0410a5cff31c&u_sclid=b01cb439-5501-4fd4-a42f-c35657cb3010&u_scsid=72e7104b-5f58-4eba-8830-a2ecc833e008&bg=false&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=700&m_fcps=636&m_pi=698&m_pl=0&m_pv=2&m_rd=1224&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rf=https%3A%2F%2Fr.win4win-news.com%2F&trackId=9f2d7eb1-0205-4e67-b54d-98560f34e65b&ts=1724565940300&v=3.25.1-2408082241

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 main.MTcwODM0ODQ4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 331 KB
93 KB 39ms
36ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: de0a685865e11857eb59fc72c7bc426af104c0307e099ba7377d4afe6503058d

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 34131b
date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024082300562430C4BA27D8F1A3EA46B0
x-tt-trace-id: 00-24082300562430C4BA27D8F1A3EA46B0-29E8C6D0336C4138-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014c0ca1a7ea70026e1cd7c38782c1b167c7b474a5a7e6059314969298bde5ae3503fa789a8598a9cecb97c10d3710f449411b542c1aab34a80fc3f7804a032c39105b7d03661d346534020c146fe2278971772677c8fa683542bc32234f835b36
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 95066

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 54ms
52ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=587343958853100&ev=PageView&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565940305&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724565940141.131990136145366172&ler=other&cdl=API_unavailable&it=1724565939861&coo=false&rqm=GET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=14, mss=1297, tbw=3268, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 06:05:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1021 B 127ms
126ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=587343958853100&ev=PageView&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565940305&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1724565940141.131990136145366172&ler=other&cdl=API_unavailable&it=1724565939861&coo=false&rqm=FGET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 06:05:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954313717604525", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1297, tbw=8384, tp=-1, tpl=-1, uplat=102, ullat=0
pragma: no-cache
x-fb-debug: GaOoF/XpvWe3p4sNnpLuC3kI4Cq5eotI3Dyy6UFIcoTdYsAK5roKD9Eerhy9/DmUXY0nBblwldAOfh2EIj5itw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954313717604525"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 52ms
51ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=920079845401155&ev=CHEQ&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565940306&sw=1600&sh=1200&v=2.9.165&r=stable&ec=1&o=12318&fbp=fb.1.1724565940141.131990136145366172&ler=other&cdl=API_unavailable&it=1724565939861&coo=false&rqm=GET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=14, mss=1297, tbw=3384, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 06:05:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 128ms
127ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=920079845401155&ev=CHEQ&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565940306&sw=1600&sh=1200&v=2.9.165&r=stable&ec=1&o=12318&fbp=fb.1.1724565940141.131990136145366172&ler=other&cdl=API_unavailable&it=1724565939861&coo=false&rqm=FGET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 06:05:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954312285391192", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1297, tbw=7281, tp=-1, tpl=-1, uplat=101, ullat=0
pragma: no-cache
x-fb-debug: ZogPP6aLAufjGc6CM15pDSLpm8ZFlVm8+lr4bABFSLpL0JBIi2lCzLBkocNwWa33kJvyHbLGjMx+ydrijkt4TQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954312285391192"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 52ms
52ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=587343958853100&ev=CHEQ&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565940309&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1724565940141.131990136145366172&ler=other&cdl=API_unavailable&it=1724565939861&coo=false&rqm=GET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=14, mss=1297, tbw=3384, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 06:05:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
854 B 126ms
126ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=587343958853100&ev=CHEQ&dl=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&rl=https%3A%2F%2Fr.win4win-news.com%2F&if=false&ts=1724565940309&sw=1600&sh=1200&v=2.9.165&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1724565940141.131990136145366172&ler=other&cdl=API_unavailable&it=1724565939861&coo=false&rqm=FGET

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 25 Aug 2024 06:05:40 GMT
document-policy: force-load-at-top
x-fb-server-load: 32
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954313482885078", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=14, mss=1297, tbw=6405, tp=-1, tpl=-1, uplat=100, ullat=0
pragma: no-cache
x-fb-debug: fUq59uzCcno1+mYyeeCz7zzIl9Sxqcqu+GeZcZIdAhZQqQv4bxAUP7RltTdl3UoSlzRYX8awmQyw/IJuBlPzbA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954313482885078"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/628473700/ 3 KB
2 KB 58ms
56ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/628473700/?random=1724565940424&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=1082370116.1724565940&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4

Requested by

Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

179c8908fe6667343c7bb1cbb2925099aa728fbeacd0e939d932a63efe2adbe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1586
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
356 B 43ms
39ms Fetch
image/gif 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?event=GeneralEvent&ed=%7B%22domain%22%3A%22win4win.ch%22%2C%22user_roles%22%3A%22guest%22%2C%22plugin%22%3A%22PixelYourSite%22%2C%22event_id%22%3A%22864e9c6b-347f-4af1-aeb7-29178c7fc74b%22%7D&tid=2614044924560&cb=1724565940452&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22pixelyoursite%22%2C%22aem_eligible_list%22%3A%5B%22ge%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fr.win4win-news.com%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%221b182128%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Atrue%7D
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565940197
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
referrer-policy: origin
x-cdn: fastly
x-pinterest-rid-128bit: 5ee17d2db445a171900729b9abeac80e
content-type: image/gif
access-control-allow-origin: https://win4win.ch
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1037830974372857
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 25ms
24ms Script
application/javascript 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 341601
date: Sun, 25 Aug 2024 06:05:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202407291241428A0637CBFAAEB41DCF01
x-tt-trace-id: 00-2407291241428A0637CBFAAEB41DCF01-5E518F47C6012312-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e33994960eedba4d9d64bb2cce523cc44cf9a1ceb6067a86a86c193f5f828f28bdf557cde35992181eb3e1ed8857856db1b699a90312147d7379f71cee1d04dd01e66feac1f106f50fe3bcde315804ca4d23cf41cda1e80b4cdebaad1c4e97a7
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2
content-length: 39594

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
876 B 152ms
149ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 57021e71.341639
date: Sun, 25 Aug 2024 06:05:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825060540E615DE351DBBAA39B47C-2DE9B909CCC176DB-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 120,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=34, inner; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825060540E615DE351DBBAA39B47C
x-cache-remote: TCP_MISS from a23-220-104-210.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.220.104.210
x-tt-trace-host: 01668225b9d696caafcca6e2035ca1f22101ca695e7a616a519f8a44a0de53591d4c4ee615eebd2608e26c460748b46ab1fe0d372b71dd055c6cb84475a40453782a1d8d3ae26e34bdb2f5e51c4f879ac3961f7301e44c5ef5dc4f0d62280970292803781961a90a7a0ca6b9142418723d
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 06:05:40 GMT

GET
H3

200

/
www.google.fr/pagead/1p-conversion/628473700/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/628473700/?random=786420310&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=...
https://www.google.com/pagead/1p-conversion/628473700/?random=786420310&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp...
https://www.google.fr/pagead/1p-conversion/628473700/?random=786420310&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=...

42 B
64 B

42ms
42ms

Image
image/gif

172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fr/pagead/1p-conversion/628473700/?random=786420310&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=1082370116.1724565940&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI4p-X4ryPiAMVsjRVCB0LVzcYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnf1gRhF4_j4eYI7i8fA2JTmAzVIuOBdQ&random=2798805780&ipr=y

Requested by

Host: win4win.ch
URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/

Protocol

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f131.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 25 Aug 2024 06:05:40 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fr/pagead/1p-conversion/628473700/?random=786420310&cv=11&fst=1724565940424&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200zb831758034&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwin4win.ch%2Fwettbewerb%2Fhelsana-wettbewerb%2F&ref=https%3A%2F%2Fr.win4win-news.com%2F&label=rsGbCJeb6okZEOT-1qsC&hn=www.googleadservices.com&frm=0&tiba=Helsana%20verlost%20iPhone%2015%20Pro&gtm_ee=1&npa=1&pscdl=noapi&auid=1082370116.1724565940&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fdr=CA&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMI4p-X4ryPiAMVsjRVCB0LVzcYMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhNodHRwczovL3dpbjR3aW4uY2gv&is_vtc=1&cid=CAQSGwDpaXnf1gRhF4_j4eYI7i8fA2JTmAzVIuOBdQ&random=2798805780&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
44 B 50ms
28ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 login_button.php
www.facebook.com/v5.0/plugins/ Frame 00F3 0
0 235ms
185ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/login_button.php?app_id=2453031748306293&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df49c4af0bd7597061%26domain%3Dwin4win.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwin4win.ch%252Fff180d69aa778b0e3%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d5a6283b0b016e705bdcaad53f08420b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Sun, 25 Aug 2024 06:05:40 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954313775586685"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954313775586685", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=19958, tp=-1, tpl=-1, uplat=142, ullat=0
x-fb-debug: c9oL19faBfM6kCdX9IjGMOb2mlCtFERSrqPGa7V55/JFTNdbvn8FciC8yd/M8JLhGFfS6wEK2JD3dHYHjw7nwQ==
x-fb-server-load: 23
x-xss-protection: 0

GET
H2 200 login_button.php
www.facebook.com/v5.0/plugins/ Frame 04D4 0
0 206ms
162ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v5.0/plugins/login_button.php?app_id=2453031748306293&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6b9e2435de88d3a8%26domain%3Dwin4win.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwin4win.ch%252Fff180d69aa778b0e3%26relation%3Dparent.parent&container_width=0&locale=en_US&login_text=%0A%20%20%20%20%20%20%20%20&scope=public_profile%2Cemail&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d5a6283b0b016e705bdcaad53f08420b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: same-origin
date: Sun, 25 Aug 2024 06:05:40 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7406954313331575040"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7406954313331575040", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2828, tp=-1, tpl=-1, uplat=136, ullat=0
x-fb-debug: LlsZEIyLYES+p53S/PI5sldqDyYP2LSJGqk0zyDuI8zkPMIxA5yBVo4wHxLdg+ctcyrKb/Sv/9cTt2jRRF7JQw==
x-fb-server-load: 34
x-xss-protection: 0

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 20ms
19ms Script
application/javascript 151.101.192.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.192.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
x-cdn: fastly
age: 3236
etag: "16d5d552603d86726ae439fc61299d42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame 9DA1 0
0 79ms
38ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: ob.du89buildings.com
URL: https://ob.du89buildings.com/i/eb440d79bb10219527b9498b0012b9bb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://win4win.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 06:05:40 GMT
pinterest-version: 3241ae12ecef327d6ee2618dd13bec9ec9710d0c
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1035934339699507
x-pinterest-rid-128bit: 1da05f067b99f57e0e6060cb186aff65

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
874 B 186ms
183ms Ping
text/plain 2.18.64.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-26.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7ce534c.3419b8
date: Sun, 25 Aug 2024 06:05:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825060540D22DD235FE1E6FF01F96-67696F083AB99E82-00
x-cache: TCP_MISS from a2-20-179-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
x-parent-response-time: 150,2.20.179.90
server-timing: cdn-cache; desc=MISS, edge; dur=116, origin; dur=45, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825060540D22DD235FE1E6FF01F96
x-cache-remote: TCP_MISS from a23-217-116-247.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 45,23.217.116.247
x-tt-trace-host: 01668225b9d696caafcca6e2035ca1f2219f9cd46021bb7dec2762cde3ccf8aa660265d89016c254666f65221cd6e713f8aa66c2ba6a7568e5640827ce2c9e2fb9e6521374e9d7a21151d0132a9c782560dcd0e0c796fc752cc0ad2a30ee647f2f50bfd087ba2abb9e42f87a04fc0b3077
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 06:05:40 GMT

POST
H2 200 p
tr.snapchat.com/ 0
89 B 29ms
26ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 25 Aug 2024 06:05:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://win4win.ch
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 favicon.png
win4win.ch/wp-content/themes/win4win/images/ 10 KB
10 KB 35ms
34ms Other
image/png 2a01:4a0:17::1:f800
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL

https://win4win.ch/wp-content/themes/win4win/images/favicon.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:17::1:f800 Erlangen, Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),

Reverse DNS

Software

nginx /

Resource Hash

c1d71b63f9bde9b4d2f4621c7ff0718ab3c2b6404332b0e5bee99113d3324056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win4win.ch/wettbewerb/helsana-wettbewerb/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Mon, 25 Aug 2025 06:05:41 GMT
date: Sun, 25 Aug 2024 06:05:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
onsuccess: edit Set-Cookie (.*) "$1; HTTPOnly"
content-length: 9966
x-xss-protection: 1; mode=block
referrer-policy
last-modified: Thu, 21 Sep 2023 10:16:21 GMT
server: nginx
etag: "26ee-650c17f5-0;;;"
content-type: image/png
cache-control: max-age=31536000, public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
edit: Set-Cookie (.*) "$1; Secure", Set-Cookie (.*) "$1; HTTPOnly"

POST
H2 200 mon Show response
obs.du89buildings.com/ 0
144 B 102ms
100ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/mon
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565940197
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win4win.ch
date: Sun, 25 Aug 2024 06:05:41 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.du89buildings.com/ 0
16 B 99ms
98ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/mon
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565940197
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win4win.ch
date: Sun, 25 Aug 2024 06:05:41 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.du89buildings.com/ 0
39 B 101ms
99ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/mon
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565940197
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win4win.ch
date: Sun, 25 Aug 2024 06:05:43 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.du89buildings.com/ 0
39 B 105ms
102ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.du89buildings.com/mon
Requested by: Host: sdk.checkout-panda.ch
URL: https://sdk.checkout-panda.ch/sdk.js?v=1724565940197
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win4win.ch/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://win4win.ch
date: Sun, 25 Aug 2024 06:05:45 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: win4win.ch
URL: blob:https://win4win.ch/7fcba399-34ab-49fe-a2c4-9b3285f70570

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 23:04:12	Name: X-AB Value: 3c1412b8a0a94f31a19b66f8b63dbed5
sibautomation.com/	1970-01-21 03:24:25	Name: uuid Value: d085b189-e979-4a75-8045-51ca312ed62e
.win4win.ch/	1970-01-21 01:14:09	Name: _cq_duid Value: 1.1724565939.Yrp2HKYmulmr3S51
.win4win.ch/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1724565939.U71rHInfffud6Qbr
.win4win.ch/	1970-01-20 23:04:12	Name: _gid Value: GA1.2.1123969984.1724565940
.win4win.ch/	1970-01-20 23:02:45	Name: _gat Value: 1
.win4win.ch/	1970-01-21 08:38:45	Name: G_ENABLED_IDPS Value: google
win4win.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: o19bvolr4i9gdbcmu1risu6hlv
.win4win.ch/	1970-01-20 23:45:57	Name: pageviewCount Value: 1
obs.du89buildings.com/	1970-01-21 07:06:36	Name: cg_uuid Value: 8174b387a8e950e760a59fc941f191ed
.win4win.ch/	1970-01-21 08:38:45	Name: _ga_YBNHKJ18XT Value: GS1.1.1724565940.1.0.1724565940.60.0.0
.win4win.ch/	1970-01-21 08:38:45	Name: _ga Value: GA1.1.2108121940.1724565940
.win4win.ch/	1970-01-21 01:12:21	Name: _gcl_au Value: 1.1.1082370116.1724565940
.win4win.ch/	1970-01-21 01:12:21	Name: _fbp Value: fb.1.1724565940141.131990136145366172
.win4win.ch/	1970-01-21 07:48:21	Name: _hjSessionUser_1769474 Value: eyJpZCI6IjNhZjRkY2JiLWRmZmEtNTYyNi1iNjE5LWNhODRlODY4YWY3MSIsImNyZWF0ZWQiOjE3MjQ1NjU5NDAxNzksImV4aXN0aW5nIjpmYWxzZX0=
.win4win.ch/	1970-01-20 23:02:47	Name: _hjSession_1769474 Value: eyJpZCI6IjhiMTM5MzIzLTY0ZjctNGM3OC1hNmQwLWY5NTk3MzU4NTI1NiIsImMiOjE3MjQ1NjU5NDAxODAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.win4win.ch/	1970-01-20 23:04:12	Name: _cq_pxg Value: 3\|g0026854837230901863\|628473700\|event=conversion
.tiktok.com/	1970-01-21 08:24:21	Name: _ttp Value: 2l8e4feHlnHCjv8OzJD05b4JGPm
.win4win.ch/	1970-01-21 08:38:45	Name: _ga_V0NHQB0T8H Value: GS1.1.1724565940.1.0.1724565940.60.0.0
.win4win.ch/	1970-01-21 08:32:32	Name: _scid Value: e73e4db7-8399-4287-ab59-d54b91141842
.win4win.ch/	1970-01-21 08:32:32	Name: _scid_r Value: e73e4db7-8399-4287-ab59-d54b91141842
.pinterest.com/	1970-01-21 07:48:21	Name: ar_debug Value: 1
.snapchat.com/	1970-01-21 08:24:21	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AIAhFwYlIqH4edRy0cQqG7x1o36NrUGGa9dr6fFsOTjEFmd1PDgWx5O0/gt4tyTIAAAA=
.win4win.ch/	1970-01-21 07:48:21	Name: _pin_unauth Value: dWlkPU0yTmpOalppWkdNdE1UWTNZUzAwTWpoaUxUZzRNMkl0WVRRMlltWmlOMkV6T0RJNA
.win4win.ch/	1970-01-21 08:24:21	Name: _tt_enable_cookie Value: 1
.win4win.ch/	1970-01-21 08:24:21	Name: _ttp Value: GqTpBMRyvQh7FwD0W1ka2-oh0eT
.ct.pinterest.com/	1970-01-21 07:48:21	Name: _pinterest_ct_ua Value: "TWc9PSY2Wk4ySjJIWUtQeXRWYmZ6STRJeVJyWFZaQzhqdjV0Uy9xSENYcUVtNGxscVFJNlNKTWUxSTA0L245OFprVUFST280ekNnMVVZSXVYckx6d0c5OXhQU2dnTWwyaFQrNStKMVRxV2p3TEVucz0meURCZGJ0SVZLQ0FPYmd1YUlBTExBc01IYkl3PQ=="
.doubleclick.net/	1970-01-20 23:02:46	Name: test_cookie Value: CheckForPermission
.win4win.ch/	1970-01-20 23:12:50	Name: _ScCbts Value: %5B%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	Message: Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fr.MtA0XocprA0.O/m=signin2/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo90Qw_OxY6asHlYoeK8rr6SbH-ghg/cb=gapi.loaded_0?le=scs(Line 193) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
other	error	URL: https://win4win.ch/wettbewerb/helsana-wettbewerb/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
analytics.tiktok.com
apis.google.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
esputnik.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ob.du89buildings.com
obs.du89buildings.com
promo.checkout-panda.ch
r.win4win-news.com
region1.analytics.google.com
s.pinimg.com
sc-static.net
script.hotjar.com
sdk.checkout-panda.ch
sibautomation.com
static.hotjar.com
stats.g.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
win4win.ch
www.facebook.com
www.google-analytics.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
win4win.ch
1.179.112.197
104.17.25.14
142.250.184.228
142.250.185.104
142.250.185.98
151.101.192.84
151.101.64.84
157.240.0.6
172.217.16.131
18.66.102.11
2.18.64.26
2001:4860:4802:34::36
216.58.212.162
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:2057:c400:1d:87b1:e480:93a1
2606:4700:4400::6812:278d
2a00:1450:4001:801::200e
2a00:1450:4001:802::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2003
2a00:1450:400c:c04::9c
2a00:1450:4013:c14::54
2a01:4a0:17::1:f800
2a02:26f0:480:5b1::1931
2a03:2880:f176:84:face:b00c:0:25de
2a03:2880:f177:185:face:b00c:0:25de
2a05:d018:ac8:b900:2a45:d70f:9818:9c14
3.163.248.4
35.190.43.134
46.101.217.240
65.9.95.80
047d84c27851de37909199aa500b248940b50d806497197d405d0398c1f22740
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0bc4f2cb356a0002f323557c757d91e3ad56ac5a91c141e881217a1305aa51e1
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69
176c57f5621456e48b9cd437462145b426bdaf91673cec3e6de86b79292380d4
179c8908fe6667343c7bb1cbb2925099aa728fbeacd0e939d932a63efe2adbe7
1ecb6f95059703c992766b3b3ceef6c17b31e3a5c648343e069d637b746933d8
1fbae76075c291126d0358aa627f3001f2624ac8e07ef113a99c6f9758a7c048
2514c6c83638d066a64044f01a050a9f6a40e34d4f28b88bbe002e605d53e503
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2af0f5c12099fb857aeda94a926b0ab19f253b649b4b159f04f0f9e342de2d9f
2c558433f31467de73d0da85a16fe44db6a58f9cfccbd0061ad4d4ff6cb51f3f
2c88a11c8087ce4c87d7e6f1fc8bdac822ee09a7400565c058c89e03df8b5c10
30770c8e5b57d21cf5746da2525f0bd46b0ded78df5ab461ec4666b0c73d9dbf
34460dcaea00c8a53d84b7d6e630deef8cb1dd07e9c99420f178c56b37727253
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
376aa716f5acbcefc1b0a7684a56f4d642f23bf6534917d787d163c2ad81ebb4
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3801892e3e472faf7c234a8cc90981a1c15eba0458cec51274979f51f9ca49ba
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
41f98207a2bcab9d5f7da91c377ed204bac8cb702530f3b6e564447cfc4a6b5f
45ee22f61a84fb36cce1717c1f08cba04ac6590543cdedee9b691f0e2557d296
46977089b698cb83d11e559cea0366e56bfc0328611fb4d6ee885884c652bcc1
476b2ba6f156ab10a411a7201640acbf2383ef69944e6394a7f8725222438a73
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
4be63fcb5ab37a994c2045aa99c97ddf01df2376326e36ac3e6ef078da284523
4d868e8f60da7be6c160c964a5c47ed02e409abf0f9c13b65a15840bf32d717a
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
5358d52e0c51328692627f14b34cb706b8426b1bc4281ab55dd06b01fcbdc76d
53f62af044f11f04fd583b5e6af56516d898e3e8de0bc5db656cbd0926530af7
546563b2127208f386e87a2a9408e8df00c8ead92181e22a6824d823be57827f
61ac8d1132905ced04a756b27b2b9149ed4cc35ac9cb04c9b24606d02f7b2bfb
62da855e1370b3f736975cc1da5a0906a391c374d24febdfdb17c0dad4a062a8
6515981ad814530ea37bc6838f8d8cc3074eaf22dffef1b8f207959afd0a492b
6f12865fd04625331257e28d725dd0bb71426f9c16568997f57e0d794966cd48
6f916c93d60afa8634855848aa4273e8032393562abe6b37f8b4ea5f2d8f4afa
700c8bd73d93522ca53cdc35e2a71e96caf7c344bc7a8391f3af90c10b917033
753b6da6d4ab99217d7b21623591f3b3e4b54c712f01fb80d898a412a6ad502f
7555e222251b2447fb5904611f5543f0335765a95807cea8ec3df992dd97142a
76f448ec45359e863fb3a6432a2a3cf22c0cc0a52aead6318b57ab38db6f1d14
7f6a762a7e6247be81722a92c5c7ecb3fb7336b8126a97c5863286ee4090fe03
81c33672d192732fd5591050eb92255404dec032d950e06340220ce3bd4c1c77
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
9011cc3e35968d04dcaa3cb8f48afdf51e3cae17e0e631ba5ab019e8f18ae6b8
90b093d0632304ca9774e284386055b0ed71a42c06749090619f15977999e32a
959fb278a61b3a670f053b53771f696c936ab8c14a9fb87c2caeb383a5c4f7fc
9886b53b6bd57360fe670d13ad0599487f8c0f2cfa1f8aa5adfa1deebe3b2d05
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ea26191ffc6155103762f2a7205b0b1af5f0e8d4e26cb4b539e581e2e48686
9ca07df45944b8440ae6241e4a017db2b6e4600e5f647d3180c96877198c3552
9f8fdf924a95b17a65177aa5aa4b8e0279dd3e1a3033ea3500b7793af46a1b1f
a7fadd48caf40975fd83278c5ffe403f8fb906d35ea0c28fe291348c1cf3ac3f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b14eaeddc99b48d46555f3c800db25b490688ada43b089a3477a633dae9cc56f
b1a358fb3138ddc55239faf121e297470da161e6c1d0bee44079ebb7a8a754c7
b439917bec713319595d8c307b0498b9e5454447074d60362a0321ab3e97319e
b5c2c907dbb18de704c191d9bcd96b9e296715948ab9ccbb634b9fa27a93012b
b63d4fba35ebc3fa5ed0bf3b04b8bff0694c39ac41569552142036a0b5ace965
b65e5cd6afcb656302e8ea12209515c350feb3c2596dd1bbebc0a65194813d8b
b8100300782c3996df589115a277f672d840d7701a8afa6bb22aa985b5812a2d
b8e9b6f51f0a6014b39060747a6a7fb66c842442e3f0fa04202df5862665efdf
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1d71b63f9bde9b4d2f4621c7ff0718ab3c2b6404332b0e5bee99113d3324056
c6ffcf1486c217e3188fe288b8d88aa8ddb757ed7733c5408f0031a9bb0c9687
d6af0285b36e4227b62a05dba2a0ca9c6579d93ac1a5bb1791225ba4eb253979
dc52a1b197d39b12ee2340c85f7e2c5560cb7ff9262f760e78a60227dbf9c234
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de0a685865e11857eb59fc72c7bc426af104c0307e099ba7377d4afe6503058d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de50168bdf739fd3af791bb4c463d2386e9c266ef3c6c1033dedcf9695628fbe
e294e848e32473a56985bd55d8b084fb501a8fe4f66b0e11597870e711804ca1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71ea0e0b3afe1fbcecccf194b54de5d0741c9889ce6c76f6b6ac00f8d2bdfd9
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
eeadabe52147b776a531b385b2af1c633bb67ff8032af5c16f718140cc22f94a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef32182597ff24ee15b7bea8e09c5e9a325ae31152149ce1908fc584096037ed
f040e77b8264be8887ce6b69b83480c46926230d99d844a5ffc1893b5c9dc748
f9437f01848605b1eb0a0e0e630556eceb8322283898249f9acf1f7a899d14a3
f9ddd1e64827cb0fa09d74aa581ecfd468212261fa170ec9baddbd678389b342
fca1eca3767fe91982bb7fbb94921f46677e5911b3ba76b24bc1dac67dad32ab
fed188be9388b5012169ecb411b4f769de8e30be8c10f0d9c17ba9329760c7ab

win4win.ch Open in urlscan Pro 2a01:4a0:17::1:f800 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

97 %HTTPS

53 %IPv6

23 Domains

33 Subdomains

34 IPs

7 Countries

9495 kBTransfer

13326 kBSize

29 Cookies

4 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

win4win.ch Open in urlscan Pro
2a01:4a0:17::1:f800 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

97 %
HTTPS

53 %
IPv6

23
Domains

33
Subdomains

34
IPs

7
Countries

9495 kB
Transfer

13326 kB
Size

29
Cookies

119 HTTP transactions
1 data transactions