winterthur.com Open in urlscan Pro
46.231.200.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://winterthur-event.ch/
Effective URL:
https://winterthur.com/de/
Submission: On February 20 via api (February 20th 2024, 1:19:17 am UTC) from CH — Scanned from CH

Summary HTTP 118 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 33 IPs in 4 countries across 22 domains to perform 118 HTTP transactions. The main IP is 46.231.200.190, located in Zurich, Switzerland and belongs to ASN-METANET Routingpeering issues: noc@metanet.ch, CH. The main domain is winterthur.com.
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.

This is the only time winterthur.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 40	46.231.200.190 46.231.200.190	21069 (ASN-METAN...) (ASN-METANET Routingpeering issues: noc@metanet.ch)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:bf59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2600:9000:237... 2600:9000:237d:2600:15:c796:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:c200:1a:4777:d980:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:faa8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20c... 2600:9000:20c3:7a00:1:1ee4:a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.225.78.114 13.225.78.114	16509 (AMAZON-02) (AMAZON-02)
14 14	2600:9000:249... 2600:9000:2491:5200:1a:1610:3ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	2a03:2880:f27... 2a03:2880:f276:1c3:face:b00c:0:43fe	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2606:4700::68... 2606:4700::6812:b05d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
118	33

40 46.231.200.190 (Zurich, Switzerland) 2 redirects

ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH)
PTR: hosting.tso.ch

winterthur-event.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
winterthur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bf59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:237d:2600:15:c796:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

plugins.flockler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:c200:1a:4777:d980:93a1 (United States)

ASN16509 (AMAZON-02, US)

fl-1.cdn.flockler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:faa8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20c3:7a00:1:1ee4:a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.flockler.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-114.fra2.r.cloudfront.net

stats-api.flockler.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2491:5200:1a:1610:3ac0:93a1 (United States) 14 redirects

ASN16509 (AMAZON-02, US)

media-api.flockler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
external-fra5-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f276:1c3:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent.cdninstagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

scontent-fra5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:b05d (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	winterthur.com 1 redirects winterthur.com	2 MB
19	flockler.com 14 redirects plugins.flockler.com — Cisco Umbrella Rank: 54794 fl-1.cdn.flockler.com — Cisco Umbrella Rank: 138304 media-api.flockler.com — Cisco Umbrella Rank: 80927	100 KB
12	youtube.com www.youtube.com — Cisco Umbrella Rank: 80	1 MB
9	fbcdn.net scontent-fra5-2.xx.fbcdn.net — Cisco Umbrella Rank: 13313 scontent-fra3-1.xx.fbcdn.net — Cisco Umbrella Rank: 12220 scontent-fra3-2.xx.fbcdn.net — Cisco Umbrella Rank: 12075 external-fra5-2.xx.fbcdn.net — Cisco Umbrella Rank: 79835 scontent-fra5-1.xx.fbcdn.net — Cisco Umbrella Rank: 11599	664 KB
8	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6431	321 KB
5	cdninstagram.com scontent.cdninstagram.com — Cisco Umbrella Rank: 1014	517 KB
5	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 113 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 static.doubleclick.net — Cisco Umbrella Rank: 271	2 KB
5	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5459 app.hubspot.com — Cisco Umbrella Rank: 6174 track.hubspot.com — Cisco Umbrella Rank: 2726	24 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48 jnn-pa.googleapis.com — Cisco Umbrella Rank: 230	41 KB
4	flockler.app api.flockler.app — Cisco Umbrella Rank: 88464 stats-api.flockler.app — Cisco Umbrella Rank: 121823	8 KB
4	gstatic.com fonts.gstatic.com Failed www.gstatic.com	47 KB
3	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2616	18 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	164 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2400 www.google.com — Cisco Umbrella Rank: 2	20 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 218	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 102	45 KB
1	google.ch www.google.ch — Cisco Umbrella Rank: 24918	408 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2608	21 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5500	25 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2825	1 KB
1	winterthur-event.ch 1 redirects winterthur-event.ch	99 B
118	22

	Domain	Requested by
39	winterthur.com	1 redirects winterthur.com
14	media-api.flockler.com	14 redirects
12	www.youtube.com	winterthur.com www.youtube.com
8	static.hsappstatic.net	app.hubspot.com static.hsappstatic.net
5	scontent.cdninstagram.com	winterthur.com
4	jnn-pa.googleapis.com	www.youtube.com
3	scontent-fra5-2.xx.fbcdn.net	winterthur.com
3	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
3	plugins.flockler.com	winterthur.com plugins.flockler.com
3	www.googletagmanager.com	winterthur.com www.googletagmanager.com www.google-analytics.com
2	scontent-fra5-1.xx.fbcdn.net	winterthur.com
2	scontent-fra3-2.xx.fbcdn.net	winterthur.com
2	stats-api.flockler.app	plugins.flockler.com
2	app.hubspot.com	js.usemessages.com static.hsappstatic.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	api.flockler.app	plugins.flockler.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	api.hubspot.com	js.usemessages.com
2	fonts.gstatic.com	www.youtube.com
2	fl-1.cdn.flockler.com	plugins.flockler.com winterthur.com
1	track.hubspot.com
1	external-fra5-2.xx.fbcdn.net	winterthur.com
1	scontent-fra3-1.xx.fbcdn.net	winterthur.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	www.google.ch	winterthur.com
1	region1.analytics.google.com	www.googletagmanager.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-scripts.com	winterthur.com
1	fonts.googleapis.com	winterthur.com
1	winterthur-event.ch	1 redirects
118	36

This site contains links to these domains. Also see Links.

Domain
kinderregion.ch
tportal.toubiz.de
www.casinotheater.ch
molton.ch
swisswinefestivals.events
www.gewerbemuseum.ch
www.myswitzerland.com
www.zuerich.com
www.stv-fst.ch
www.facebook.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.tripadvisor.ch
tso.ch

Subject Issuer	Validity	Valid
winterthur.com R3	`2024-01-19` - `2024-04-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
plugins.flockler.com Amazon RSA 2048 M03	`2023-11-18` - `2024-12-15`	a year	crt.sh
fl-1.cdn.flockler.com Amazon RSA 2048 M02	`2023-05-21` - `2024-06-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
api.flockler.app Amazon RSA 2048 M01	`2023-03-21` - `2024-04-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
stats-api.flockler.app Amazon RSA 2048 M02	`2024-02-11` - `2025-03-12`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://winterthur.com/de/
Frame ID: 8763272B96A6CB72D48F01FB5FF9BE45
Requests: 55 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1
Frame ID: B2794FE183B7106E2A167DCC0BE1E414
Requests: 7 HTTP requests in this frame

Frame: https://plugins.flockler.com/embed/iframe/17159abba35059d6930d36c151dafd54/17c99bb329c0536ada95a26503b5197c
Frame ID: 245EA995D92A838D3CD4859CEC4F4AD2
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1
Frame ID: 32D5BE86AA8F883D5FCAE64024CDE95A
Requests: 20 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/9194921/threads/utk/4d832c02183f45d393ef565599dadc6b?uuid=544085e2860a4c77b06256b6c4031925&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=winterthur.com&inApp53=false&messagesUtk=4d832c02183f45d393ef565599dadc6b&url=https%3A%2F%2Fwinterthur.com%2Fde%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 8D5E5B8D5B382CCA7C2BEB6DCB359DEA
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winterthur Switzerland - House of Winterthur

Page URL History Show full URLs

https://winterthur-event.ch/ HTTP 302
https://winterthur.com/ HTTP 302
https://winterthur.com/de/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

85 %
HTTPS

94 %
IPv6

22
Domains

36
Subdomains

33
IPs

4
Countries

5645 kB
Transfer

11469 kB
Size

8
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://kinderregion.ch/de/die-region/winterthur/
Title: Aktivitäten für Familien

Search URL Search Domain Scan URL

URL: https://tportal.toubiz.de/Winterthur/package/detail1/TDS00020012777131170
Title: Museums-Package

Search URL Search Domain Scan URL

URL: https://www.casinotheater.ch/spielplan/produktion/monsieur-claude-und-seine-toechter/?backID=29258

Search URL Search Domain Scan URL

URL: https://molton.ch/

Search URL Search Domain Scan URL

URL: https://swisswinefestivals.events/?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz--MBhYOCw0L3YTMPZRPvAPPh5aQBqSGxvHj5AHcX1oF-ZgP2yFOyxYG2vTFID0nHjf1b2Y0

Search URL Search Domain Scan URL

URL: https://www.gewerbemuseum.ch/ausstellungen/perfectly-imperfect-makel-mankos-defekte

Search URL Search Domain Scan URL

URL: https://www.myswitzerland.com/de-ch/

Search URL Search Domain Scan URL

URL: https://kinderregion.ch/de/

Search URL Search Domain Scan URL

URL: https://www.zuerich.com/de

Search URL Search Domain Scan URL

URL: https://www.stv-fst.ch/nachhaltigkeit/kompetenzzentrum/swisstainable

Search URL Search Domain Scan URL

URL: https://www.facebook.com/lovewinterthur

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lovewinterthur/?hl=de

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/houseofwinterthur

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCRq_5P8lqZ2i_9vmtaTjgAw?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.ch/Tourism-g188112-Winterthur-Vacations.html

Search URL Search Domain Scan URL

URL: https://tso.ch/
Title: powered by TSO AG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://winterthur-event.ch/ HTTP 302
https://winterthur.com/ HTTP 302
https://winterthur.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 90

https://media-api.flockler.com/facebook/image/169059432553_811746610993238 HTTP 303
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/424706677_811745000993399_5139466497225258440_n.jpg?stp=dst-jpg_p720x720&_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=YkrcY9QFnyMAX95VAek&_nc_ht=scontent-fra5-2.xx&edm=AKIiGfEEAAAA&oh=00_AfBnknE38O8iy_DpxcE3k2ATdCMTfxOu64Y69vs_mWmyUw&oe=65D4E364

Request Chain 91

https://media-api.flockler.com/facebook/profile_image/169059432553 HTTP 303
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/327546155_913219429692259_9117198788145340909_n.png?stp=cp0_dst-png_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=4da83f&_nc_ohc=PD9VFKZnhxoAX9kUMTH&_nc_oc=AQm5Dv4A3LIeZVktrIzv1zX8NkRViX6xJhNwMOcaGOpyI6yVVuv4ELnOjH-w1axRHEQ&_nc_ht=scontent-fra5-2.xx&edm=AKIiGfEEAAAA&oh=00_AfC_MjTCTroYixQjKXB_oxP0Q0RyBIdToYHIzMGGKMdQlA&oe=65D4D13C

Request Chain 92

https://media-api.flockler.com/instagram/video_cover/3302699096513013041 HTTP 303
https://scontent.cdninstagram.com/v/t51.2885-15/426672577_947607583465618_4463081975513825703_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=110&_nc_ohc=3sRdE23jRUwAX9vPmkO&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfB7wmhG33_fwThvB4pbeSwS-77fIlaa0g1CAZofC4fzqw&oe=65D45C3F&_nc_sid=cc8940

Request Chain 93

https://media-api.flockler.com/instagram/profile_image/lovewinterthur HTTP 303
https://scontent-fra3-1.xx.fbcdn.net/v/t51.2885-15/66315719_1132101773658894_3652110584138170368_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=7d201b&_nc_ohc=wXtdPw7jlLMAX8M3MSF&_nc_ht=scontent-fra3-1.xx&edm=AL-3X8kEAAAA&oh=00_AfCkmqYHvYyj-kwJmXJ-Jb0OJKWspkrE72h_1P1xv5foUg&oe=65D6F4B0

Request Chain 94

https://media-api.flockler.com/facebook/image/169059432553_809887271179172 HTTP 303
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/424583467_809597181208181_3585606812642374513_n.jpg?stp=cp1_dst-jpg_p720x720&_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=FwZ9SkkdNjsAX9bTd1C&_nc_ht=scontent-fra5-2.xx&edm=AJfPMC4EAAAA&oh=00_AfDJPWU96id9hgl48Jf6hjINdkSbO2t2Ti9c3vOpwkcrSg&oe=65D66B4A

Request Chain 95

https://media-api.flockler.com/instagram/image/3298882588699568101 HTTP 303
https://scontent.cdninstagram.com/v/t51.2885-15/425750198_1594576537947617_3430253196178176143_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=105&_nc_ohc=2LNaptDK39EAX-Jw7td&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfDnvuaiO7b0mQDSVr7o_yacBwC9CPj_FS7B_jQi6bdefg&oe=65D4401B&_nc_sid=cc8940

Request Chain 96

https://media-api.flockler.com/facebook/image/169059432553_805693591598540 HTTP 303
https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/424974540_804924015008831_6828235389321307188_n.jpg?stp=dst-jpg_p720x720&_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=EsIijLVJ9_AAX8soymP&_nc_ht=scontent-fra3-2.xx&edm=AJfPMC4EAAAA&oh=00_AfDeX4n034qJ0Q7Z__HlsKosbK1ONLldMWMUUfVx7Y7Qvg&oe=65D4933A

Request Chain 97

https://media-api.flockler.com/instagram/image/3296808885577047520 HTTP 303
https://scontent.cdninstagram.com/v/t39.30808-6/417418933_18414829366055462_8404860809410558075_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=B_eWbhQhZPkAX-m-I2C&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfAyQtKTi-TzFapWzKN_ddjB324Fg1gRwFHa6YJs3DeEkg&oe=65D46ED8&_nc_sid=cc8940

Request Chain 98

https://media-api.flockler.com/facebook/image/169059432553_804919368342629 HTTP 303
https://external-fra5-2.xx.fbcdn.net/emg1/v/t13/8620226403532133371?url=https%3A%2F%2Fwww.casinotheater.ch%2Fwp-content%2Fuploads%2F2023%2F10%2FFoto_mit_Titel_web-breit.jpg&fb_obo=1&utld=casinotheater.ch&stp=c0.5000x0.5000f_dst-emg0_p720x720_q75&ccb=13-1&oh=06_AbGz_pOk-pp2CIwOMzLlVXqEpl1Gd1WnBdk-KgaU7jHLpw&oe=65D57069&_nc_sid=ef6713

Request Chain 99

https://media-api.flockler.com/facebook/image/169059432553_801030578731508 HTTP 303
https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/421877428_800349022132997_4849432815086296271_n.jpg?stp=dst-jpg_p720x720&_nc_cat=102&ccb=1-7&_nc_sid=3635dc&_nc_ohc=jmPY-RLinM8AX8qe4-T&_nc_ht=scontent-fra5-1.xx&edm=AJfPMC4EAAAA&oh=00_AfDHGwbVabWdlo0F75lm3gmZeHnksw6MOWREPBYYw9wghg&oe=65D7D0F3

Request Chain 100

https://media-api.flockler.com/instagram/image/3292502031657013608 HTTP 303
https://scontent.cdninstagram.com/v/t39.30808-6/424581706_800350785466154_5466806842722875300_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=c4WvizbbnWwAX9OwFVy&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBE0JrSeCC4wlf3bPb8Qjpgm9SLDgH4lo6zmEmH6tmJuA&oe=65D4190E&_nc_sid=cc8940

Request Chain 101

https://media-api.flockler.com/facebook/image/169059432553_800272935473939 HTTP 303
https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/422029758_800269478807618_4218359626499342538_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=3635dc&_nc_ohc=NG852FVD4sAAX8cyHwS&_nc_ht=scontent-fra3-2.xx&edm=AJfPMC4EAAAA&oh=00_AfBqXGko6W3M4zZSBrytdGOG28DjFiGzk3miA2n9H5WrqA&oe=65D531D8

Request Chain 102

https://media-api.flockler.com/facebook/image/169059432553_797602632407636 HTTP 303
https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/421901061_797601705741062_5391146600518689613_n.jpg?stp=dst-jpg_p720x720&_nc_cat=110&ccb=1-7&_nc_sid=3635dc&_nc_ohc=m93dsoHM9ZcAX9CzpMS&_nc_ht=scontent-fra5-1.xx&edm=AJfPMC4EAAAA&oh=00_AfAHnByvwhGHqFtQX7EfgL1U1Mul90WMzNDt9JLjk3ft6g&oe=65D64770

Request Chain 103

https://media-api.flockler.com/instagram/video_cover/3288102141749217134 HTTP 303
https://scontent.cdninstagram.com/v/t51.2885-15/421731123_265764486388344_870056995808101300_n.jpg?stp=dst-jpg_e15_p640x640&_nc_ht=scontent.cdninstagram.com&_nc_cat=100&_nc_ohc=6tuOnktt56oAX_SUyhe&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfABfyS0aYzpT2Jq6zeoyrNddFmEC813mzBcN59FMWXezg&oe=65D4615E&_nc_sid=cc8940

118 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
winterthur.com/de/
Redirect Chain

https://winterthur-event.ch/
https://winterthur.com/
https://winterthur.com/de/

110 KB
15 KB

218ms
218ms

Document
text/html

46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL

https://winterthur.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),

Reverse DNS

hosting.tso.ch

Software

nginx /

Resource Hash

3dcf421fddabea5e40e1db046ac9e993a3c67c0ade4af67cf1d7b00be321ec24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

age: 3294
cache-control: max-age=86400, public, s-maxage=4406
contao-cache: fresh
content-encoding: gzip
content-length: 14487
content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 01:19:10 GMT
expires: Wed, 01 Jan 2025 00:08:19 GMT
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade, strict-origin-when-cross-origin
server: nginx
vary: Origin,Cookie,Accept-Encoding
x-content-digest: en136e817a6ee1de054665a189edb0c1bfd404fa790652779abfde827d84673b7d
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, must-revalidate
contao-cache: miss
content-type: text/html; charset=UTF-8
date: Tue, 20 Feb 2024 01:19:10 GMT
expires: -1
location: https://winterthur.com/de/
permissions-policy: interest-cohort=()
pragma: no-cache
referrer-policy: no-referrer-when-downgrade, strict-origin-when-cross-origin
server: nginx
vary: Origin

GET
H2 200 jquery.js Show response
winterthur.com/layout/scripts/ 98 KB
34 KB 90ms
88ms Script
application/javascript 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/layout/scripts/jquery.js?v=ea40c615
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: c54cc923c53a3ae7b6125d87d732de9f27cfc7b603b92b52f0d796022c5b82ea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:10 GMT
content-encoding: gzip
last-modified: Mon, 14 Aug 2023 13:23:09 GMT
server: nginx
etag: "18916-602e1f6a26940-gzip"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 34879
expires: Wed, 19 Feb 2025 01:19:10 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 112ms
37ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Lato:300,400,400italic,600,700%7CRaleway:300,400,500,600,700%7CCrete+Round:400italic

Requested by

Host: winterthur.com
URL: https://winterthur.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0277f527788175164ede55f48d4271b9b0663a54b72b21e6ee5c14a2add963b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Feb 2024 01:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 01:19:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Feb 2024 01:19:10 GMT

GET
H2 200 bundle-all.css
winterthur.com/layout/styles/ 582 KB
93 KB 80ms
79ms Stylesheet
text/css 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/layout/styles/bundle-all.css?v=4aac27bd
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 007b9aa4dc9940c38cc6036fa27744ceb8e48eed42ef3ac4829fe6caa1202c45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:10 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2024 07:18:14 GMT
server: nginx
etag: "917a7-6113e328cd980-gzip"
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 01:19:10 GMT

GET
H2 200 bundle-components.css
winterthur.com/layout/styles/ 23 KB
5 KB 36ms
35ms Stylesheet
text/css 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/layout/styles/bundle-components.css?v=9be57226
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: b3810eec60b497648ae3e2790e5c1178cd6c179f0de83975b165e295df2d0493

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:10 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2024 07:18:14 GMT
server: nginx
etag: "5ab8-6113e328cd980-gzip"
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4700
expires: Wed, 19 Feb 2025 01:19:10 GMT

GET
H2 200 custom.css
winterthur.com/files/design_assets/design-winterthur/css/ 116 KB
17 KB 60ms
59ms Stylesheet
text/css 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/files/design_assets/design-winterthur/css/custom.css
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 25e02096bcb10848413baec193a86983995a78b60a04bf28830911e37062278c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:10 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2024 13:18:08 GMT
server: nginx
etag: "1d03c-610b668ca4d63-gzip"
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 16803
expires: Wed, 19 Feb 2025 01:19:10 GMT

GET
H2 200 custom-nav-pulldown-menu.css
winterthur.com/files/design_assets/design-winterthur/css/ 4 KB
1 KB 80ms
80ms Stylesheet
text/css 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/files/design_assets/design-winterthur/css/custom-nav-pulldown-menu.css
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 30a8e4002e91934de3dce201ae5fb905289e22d01bfdc173dea7a4d321bfd005

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:10 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2024 13:18:06 GMT
server: nginx
etag: "113a-610b668b20a73-gzip"
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 995
expires: Wed, 19 Feb 2025 01:19:10 GMT

GET
H2 200 Logo_winterthur_switzerland-04c0c124.svg
winterthur.com/assets/images/e/ 5 KB
2 KB 79ms
78ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/e/Logo_winterthur_switzerland-04c0c124.svg
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 6b3c0c659d02d1a5bf563a82fa025775198a8aaa678c5628b78e508b8080ee46

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:10 GMT
content-encoding: gzip
last-modified: Thu, 15 Feb 2024 00:29:27 GMT
server: nginx
etag: "13f0-61160b85b206b-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1983
expires: Thu, 21 Mar 2024 01:19:10 GMT

GET
H2 200 Logo_winterthur_switzerland-e3a5ada4.svg
winterthur.com/assets/images/b/ 5 KB
2 KB 65ms
65ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/b/Logo_winterthur_switzerland-e3a5ada4.svg
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 999690f3bea5eb4c28401bb9191bf91eb41cd8e960ee1cdffb8db8da92f18eeb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:10 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 00:18:11 GMT
server: nginx
etag: "13f0-611243689cf9c-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1985
expires: Thu, 21 Mar 2024 01:19:10 GMT

GET
H2 200 kunst-museum-header-keystory-blau-f9d434e3.webp
winterthur.com/assets/images/6/ 279 KB
280 KB 41ms
40ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/6/kunst-museum-header-keystory-blau-f9d434e3.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 64e22b7ab1fdd353a1a08b86f2df85dc70f49d7bf5e8b449be6fa3d099a8e35c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:10 GMT
last-modified: Wed, 07 Feb 2024 03:01:53 GMT
server: nginx
etag: "45cd0-610c1eac01ac2"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 285904

GET
H2 200 Winter%20Goldenberg%202023-fdf001c1.webp
winterthur.com/assets/images/b/ 311 KB
312 KB 77ms
77ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/b/Winter%20Goldenberg%202023-fdf001c1.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: e3084d9ad88bc192de5a89d9c19ab4f549901db38d296c7aa02731ccfaca79a2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Mon, 12 Feb 2024 07:17:51 GMT
server: nginx
etag: "4dc32-6112a1356d7fd"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 318514

GET
H2 200 technologie-exoskelett-high-72048ba7.webp
winterthur.com/assets/images/1/ 223 KB
223 KB 85ms
85ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/1/technologie-exoskelett-high-72048ba7.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: bc828c3b65298718150f602e677cfedd7f4b3af5a271fccd641b8f06d082773c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Fri, 02 Feb 2024 00:58:26 GMT
server: nginx
etag: "37a40-6105b9c13e2b7"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 227904

GET
H2 200 icon_auf_rot_Footer_NL_Web_06032023.png
winterthur.com/files/winterthur.com/media/logos/social-icons/ 9 KB
9 KB 102ms
101ms Image
image/png 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/winterthur.com/media/logos/social-icons/icon_auf_rot_Footer_NL_Web_06032023.png
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 839ed22d92bdccec42b7df6db855650db311a481aacdda1c5221706f89385dbb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Wed, 08 Mar 2023 14:34:22 GMT
server: nginx
etag: "23eb-5f6646c90ac7d"
vary: Origin
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9195
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 icon_auf_rot_Footer_NL_Web_060320232.png
winterthur.com/files/winterthur.com/media/logos/social-icons/ 24 KB
24 KB 126ms
125ms Image
image/png 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/winterthur.com/media/logos/social-icons/icon_auf_rot_Footer_NL_Web_060320232.png
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: efc6f3ca8d5471179b7e764907866589c5d275b02e775d0491cb55e5430f7545

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Wed, 08 Mar 2023 14:34:22 GMT
server: nginx
etag: "5e2f-5f6646c8f3195"
vary: Origin
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24111
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 icon_auf_rot_Footer_NL_Web_060320233.png
winterthur.com/files/winterthur.com/media/logos/social-icons/ 12 KB
12 KB 103ms
102ms Image
image/png 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/winterthur.com/media/logos/social-icons/icon_auf_rot_Footer_NL_Web_060320233.png
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 91fc9e35d78acffef6862406294559ad59ca8c94400bbbea87ae5f26efdb60a8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Wed, 08 Mar 2023 14:34:21 GMT
server: nginx
etag: "2fc4-5f6646c8dd9d5"
vary: Origin
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12228
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 icon_auf_rot_Footer_NL_Web_060320234.png
winterthur.com/files/winterthur.com/media/logos/social-icons/ 13 KB
13 KB 100ms
100ms Image
image/png 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/winterthur.com/media/logos/social-icons/icon_auf_rot_Footer_NL_Web_060320234.png
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 2803b18ce07ffc6fe5c507a94164a7cbd80120c2a13fd0e57fa352e2a3d554af

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Wed, 08 Mar 2023 14:34:21 GMT
server: nginx
etag: "33b9-5f6646c8c765d"
vary: Origin
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13241
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 icon_auf_rot_Footer_NL_Web_060320235.png
winterthur.com/files/winterthur.com/media/logos/social-icons/ 23 KB
23 KB 126ms
126ms Image
image/png 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/winterthur.com/media/logos/social-icons/icon_auf_rot_Footer_NL_Web_060320235.png
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 824911724acf33ecf4f68e3f2a3a40e8a8a2900456eb7141de0d0e65fdd265ba

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Wed, 08 Mar 2023 14:36:55 GMT
server: nginx
etag: "5ce5-5f66475b57a95"
vary: Origin
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23781
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 cart-count.min.js Show response
winterthur.com/layout/scripts/ 16 KB
5 KB 130ms
129ms Script
application/javascript 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/layout/scripts/cart-count.min.js?v=7bae439f
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 12d6c218fe8a300ee98d6acb85ebfd9d08d53b4febc4f1571d8a900c8fdeae2b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2024 07:19:31 GMT
server: nginx
etag: "3f3c-6113e3723c6c0-gzip"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5304
expires: Wed, 19 Feb 2025 01:19:11 GMT

GET
H2 200 bundle-all.js Show response
winterthur.com/layout/scripts/ 661 KB
189 KB 130ms
129ms Script
application/javascript 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/layout/scripts/bundle-all.js?v=5d4e51d6
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: ee5082b3d02bc225d021aa9e99ead0dce1bc91289269fd66ac679d3ba36ab8dd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
last-modified: Tue, 13 Feb 2024 07:18:14 GMT
server: nginx
etag: "a540f-6113e328cd980-gzip"
vary: Accept-Encoding,Origin
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Feb 2025 01:19:11 GMT

GET
H2 200 9194921.js Show response
js.hs-scripts.com/ 1 KB
1 KB 219ms
169ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/9194921.js

Requested by

Host: winterthur.com
URL: https://winterthur.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a6a3186dc876a2b4bc9fe3b375f7d37d51aa1c8ac3f8819cd51b00475a6f9b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6a07c0e7-caa8-4cdc-9260-135643926e8b
x-envoy-upstream-service-time: 43
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6a07c0e7-caa8-4cdc-9260-135643926e8b
last-modified: Tue, 20 Feb 2024 00:29:09 GMT
server: cloudflare
x-trace: 2B7B6A4DE791E9743864DA7DE30AFA717278F93CA6000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.google.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-gjb4x
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 8582eb7e29fa6acb-FRA
expires: Tue, 20 Feb 2024 01:20:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
75 KB 344ms
41ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GCZZLT

Requested by

Host: winterthur.com
URL: https://winterthur.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c0064709b53f140dbbdebfe1b5fd2f6d0e1a65a818cf66bbe7ec657598cdb688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75900
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Feb 2024 01:19:11 GMT

GET
H2 200 qRgctrFz7_s Show response
www.youtube.com/embed/ Frame B279 93 KB
41 KB 158ms
95ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Requested by

Host: winterthur.com
URL: https://winterthur.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e7a2860de63d551f34de7a617c713e8f4d3e8937e35fd2b62b1f8e8d783e6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterthur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 01:19:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 17c99bb329c0536ada95a26503b5197c Show response
plugins.flockler.com/embed/iframe/17159abba35059d6930d36c151dafd54/ Frame 245E 2 KB
1 KB 143ms
54ms Document
text/html 2600:9000:237d:2600:15:c796:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plugins.flockler.com/embed/iframe/17159abba35059d6930d36c151dafd54/17c99bb329c0536ada95a26503b5197c

Requested by

Host: winterthur.com
URL: https://winterthur.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:2600:15:c796:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

6551bd43824406c3af0c0ea4b60aec0dbc816857a85f115948ae475a8fccfc58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://winterthur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Tue, 20 Feb 2024 01:19:11 GMT
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-amz-cf-id: yinF7wGdT-CTdsPr9ZM1DpigXVShcILZuqySb2Elpae_D2xwbFL6KA==
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
x-request-id: 36425be6d3eec17808991e7ea9c8643d
x-robots-tag: noindex
x-runtime: 0.014748
x-ua-compatible: IE=edge

GET
H2 200 pattern2.png
winterthur.com/layout/images/ 82 KB
82 KB 147ms
147ms Image
image/png 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/layout/images/pattern2.png
Requested by: Host: winterthur.com
URL: https://winterthur.com/layout/styles/bundle-all.css?v=4aac27bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 8421a2a9cd692523add6259df2a919cf17e1f480b5d048ba34fe6b714e93cdaa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Thu, 20 Jul 2023 08:08:57 GMT
server: nginx
etag: "1463d-600e6a8ef5840"
vary: Origin
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 83517
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 calendar_4-neu.svg
winterthur.com/files/design_assets/design-winterthur/img/ 4 KB
2 KB 159ms
158ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/design_assets/design-winterthur/img/calendar_4-neu.svg
Requested by: Host: winterthur.com
URL: https://winterthur.com/files/design_assets/design-winterthur/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: df4df46a6d431a7d08afa9380cd395065e165c00fd3ae22c2ed4c22709a494ab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 08:40:21 GMT
server: nginx
etag: "ff3-5e876d8a16466-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1344
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 buchen_icon.svg
winterthur.com/files/design_assets/design-winterthur/img/ 3 KB
1 KB 160ms
159ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/design_assets/design-winterthur/img/buchen_icon.svg
Requested by: Host: winterthur.com
URL: https://winterthur.com/files/design_assets/design-winterthur/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: f5781d06ed480e6b542359b341c8a993e01a560d91f82cf04f0f757d0c85f78c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 08:30:00 GMT
server: nginx
etag: "a9b-5e7e9e2bbec62-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 975
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 News_icon.svg
winterthur.com/files/design_assets/design-winterthur/img/ 1 KB
877 B 161ms
160ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/design_assets/design-winterthur/img/News_icon.svg
Requested by: Host: winterthur.com
URL: https://winterthur.com/files/design_assets/design-winterthur/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 603fb54886912237fddacf25c3e631ab60dc82cc56b56c2c4d2ff49f49d4a2bc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 08:12:20 GMT
server: nginx
etag: "4ea-5e7e9a38d787b-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 642
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 contact_3.svg
winterthur.com/files/design_assets/design-winterthur/img/ 2 KB
1 KB 175ms
174ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/files/design_assets/design-winterthur/img/contact_3.svg
Requested by: Host: winterthur.com
URL: https://winterthur.com/files/design_assets/design-winterthur/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: c69ed412de52f0b0e4eabc487f093403bbbc1d8f696034b78d6c75c204f60cac

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 08:38:15 GMT
server: nginx
etag: "9f3-5e7ea0031b4a3-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 978
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 lineto-circular-black.woff2
winterthur.com/files/design_assets/design-winterthur/css/fonts/ 56 KB
57 KB 141ms
140ms Font
application/x-font-woff 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/files/design_assets/design-winterthur/css/fonts/lineto-circular-black.woff2
Requested by: Host: winterthur.com
URL: https://winterthur.com/files/design_assets/design-winterthur/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 05e4b076afe7acb75c319321adca031258042575398196e52ee10af56d37536f

Request headers

Referer: https://www.google.com/
Origin: https://winterthur.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Tue, 07 Jun 2016 10:09:34 GMT
server: nginx
etag: "e18c-534ad62bb9380"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 57740
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 twblue.woff2
winterthur.com/layout/styles/fonts/ 204 KB
204 KB 137ms
136ms Font
application/x-font-woff 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/layout/styles/fonts/twblue.woff2?1qsw0m
Requested by: Host: winterthur.com
URL: https://winterthur.com/layout/styles/bundle-all.css?v=4aac27bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 6fe04cc16e4da41a7438043be893b3999fdf5a80d96de925f19d52a8f1a0b190

Request headers

Referer: https://www.google.com/
Origin: https://winterthur.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Thu, 20 Jul 2023 08:08:57 GMT
server: nginx
etag: "32f2c-600e6a8ef5840"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 208684
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 lineto-circular-book.woff2
winterthur.com/files/design_assets/design-winterthur/css/fonts/ 50 KB
50 KB 150ms
150ms Font
application/x-font-woff 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/files/design_assets/design-winterthur/css/fonts/lineto-circular-book.woff2
Requested by: Host: winterthur.com
URL: https://winterthur.com/files/design_assets/design-winterthur/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 39c5d1ed54e49102939d0280aeb20f01ef021bf5ffa74dc25fcafb43fce62ff3

Request headers

Referer: https://www.google.com/
Origin: https://winterthur.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Tue, 07 Jun 2016 10:09:38 GMT
server: nginx
etag: "c7a8-534ad62f89c80"
vary: Origin
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 51112
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H2 200 embed-v2.js Show response
fl-1.cdn.flockler.com/embed/ Frame 245E 37 KB
11 KB 113ms
26ms Script
text/javascript 2600:9000:225e:c200:1a:4777:d980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fl-1.cdn.flockler.com/embed/embed-v2.js
Requested by: Host: plugins.flockler.com
URL: https://plugins.flockler.com/embed/iframe/17159abba35059d6930d36c151dafd54/17c99bb329c0536ada95a26503b5197c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c200:1a:4777:d980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f0d1abb081d619f809b6adf54539335cc8dfe5102cab05cca85b9c35aa35bea7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:06:04 GMT
content-encoding: gzip
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 827
x-cache: Hit from cloudfront
content-length: 10768
x-trans-id: tx6b2819165a7341beb4485-0065cdab18lon3
last-modified: Thu, 08 Jun 2023 09:44:11 GMT
etag: 8afe84c41f17a2cee8e567c91e571844
vary: Accept-Encoding
content-type: text/javascript
x-timestamp: 1686217450.83385
cache-control: public, max-age=877
accept-ranges: bytes
x-amz-cf-id: 2SdE1U5mgGORQUU5Z6jAI6Ckh8x7WSZrWF-n0Z8vIX2FE-rCE7jqhg==
expires: Tue, 20 Feb 2024 01:20:01 GMT

GET
H2 200 17c99bb329c0536ada95a26503b5197c Show response
plugins.flockler.com/embed/17159abba35059d6930d36c151dafd54/ Frame 245E 7 KB
3 KB 33ms
32ms Script
text/javascript 2600:9000:237d:2600:15:c796:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plugins.flockler.com/embed/17159abba35059d6930d36c151dafd54/17c99bb329c0536ada95a26503b5197c?extra[popup]=false

Requested by

Host: plugins.flockler.com
URL: https://plugins.flockler.com/embed/iframe/17159abba35059d6930d36c151dafd54/17c99bb329c0536ada95a26503b5197c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:2600:15:c796:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

382cd5166adfa5e843796310848599d1b053797d206d26e33044465c3ca899ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
date: Tue, 20 Feb 2024 01:19:11 GMT
x-amz-cf-pop: MUC50-P2
x-cache: RefreshHit from cloudfront
x-request-id: 4fb02333b8e94fd8f72b769787c2a83d
x-ua-compatible: IE=edge
x-runtime: 0.027701
last-modified: Mon, 19 Feb 2024 22:29:03 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-robots-tag: noindex
x-amz-cf-id: SWu4ER1jhjLqlpipNciIOyw2RV5pRW-pLc0D-A5HYCIRYirC0vp9cg==

GET
H2 200 www-player.css
www.youtube.com/s/player/5683fc5e/ Frame B279 366 KB
47 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 23:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48183
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Feb 2025 23:43:46 GMT

GET KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B279 0
0

GET KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B279 0
0

GET
H2 200 embed.js Show response
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame B279 53 KB
17 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adb0e74d3179802bb946d3487d460e61a98cdddfc16528a27fedb74e7f01de99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 492400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16886
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 08:32:31 GMT

GET
H2 200 www-embed-player.js
www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame B279 113 KB
0 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 23:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96927
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Feb 2025 23:29:02 GMT

GET base.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame B279 0
0

GET
H2 200 embed-wall_v2.js Show response
plugins.flockler.com/embed/v3/ Frame 245E 293 KB
73 KB 20ms
20ms Script
text/javascript 2600:9000:237d:2600:15:c796:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://plugins.flockler.com/embed/v3/embed-wall_v2.js

Requested by

Host: plugins.flockler.com
URL: https://plugins.flockler.com/embed/17159abba35059d6930d36c151dafd54/17c99bb329c0536ada95a26503b5197c?extra[popup]=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:2600:15:c796:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

463d6c4e1e1ca78645a28d1cce638ccf31273ae17ee786fd4a7b33ee1979570e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:10:35 GMT
content-encoding: br
via: 1.1 e5f838cca0e0de4bbf3520e7a4d3ae3e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P2
age: 517
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 06 Feb 2024 08:32:29 GMT
server: AmazonS3
etag: W/"993cc1cc1b52448f8a2bafd492b34c52"
vary: Accept-Encoding, Origin
x-frame-options: DENY
content-type: text/javascript
cache-control: public, max-age=900, must-revalidate
x-amz-cf-id: cEceTIOudPOucWG9e-8HWBJ6d1T9ekpP2hqoOPmjahuspyhma88UNw==

GET
H2 200 print.css
winterthur.com/files/design_assets/design-winterthur/css/ 18 KB
3 KB 24ms
24ms Stylesheet
text/css 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to

Full URL: https://winterthur.com/files/design_assets/design-winterthur/css/print.css
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 5e7d1261a5c6a2d85b01cdba390614c8ecc370fdaa38b45fdb100934b942afc2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
last-modified: Tue, 06 Feb 2024 13:18:10 GMT
server: nginx
etag: "4931-610b668e53033-gzip"
vary: Accept-Encoding,Origin
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3337
expires: Wed, 19 Feb 2025 01:19:11 GMT

GET
H2 200 preloader.gif
winterthur.com/layout/images/ 2 KB
2 KB 42ms
41ms Image
image/gif 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/layout/images/preloader.gif
Requested by: Host: winterthur.com
URL: https://winterthur.com/layout/styles/bundle-all.css?v=4aac27bd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 6d5768ebfbbe4754cda8f077aa765f5b0f462e1dc7e2937f48c44b9c390bb527

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Thu, 20 Jul 2023 08:08:57 GMT
server: nginx
etag: "864-600e6a8ef5840"
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2148
expires: Thu, 21 Mar 2024 01:19:11 GMT

GET
H3 200 qRgctrFz7_s Show response
www.youtube.com/embed/ Frame 32D5 92 KB
39 KB 82ms
81ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Requested by

Host: winterthur.com
URL: https://winterthur.com/layout/scripts/jquery.js?v=ea40c615

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f01557338618032766d6a32f838968bb1b52e1a1f370caa7937704a7fc5134b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winterthur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 01:19:11 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
25 KB 78ms
36ms Script
application/javascript 2606:4700::6811:faa8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9194921.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:faa8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a2ef843448fd18bbff44f59c6347d9ac79b757722a14988efbc9210a02e0a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
x-amz-version-id: pcABCp7aTfnslFOuXS9T9WQPLRPjzj27
via: 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 275
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.15480/bundles/project.js&cfRay=8582e4c78f351e56-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 0ee354b4-7bbd-4a4a-aff4-76e1937c6c13
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0ee354b4-7bbd-4a4a-aff4-76e1937c6c13
last-modified: Thu, 15 Feb 2024 15:13:02 UTC
server: cloudflare
etag: W/"daadcf17e8fb7d655d233f6a0f1e4d72"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-t25qt
cf-ray: 8582eb7ff8e01e4d-FRA
x-amz-cf-id: SwhCkdWETk7Jwo0vM3tLWIM3lIHCSsiES_ce94-qDqGDt8E3-ezmvQ==
x-hs-target-asset: conversations-embed/static-1.15480/bundles/project.js

GET
H2 200 9194921.js Show response
js.hs-analytics.net/analytics/1708391700000/ 66 KB
21 KB 471ms
429ms Script
text/javascript 2606:4700::6810:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1708391700000/9194921.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9194921.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e86068178794bda0bdb8bd9e78217a13d86553f01115fcb549cc50ba844062

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: Q4NC3D91CTW4KDFA
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e27bf431-4bed-4733-b587-1d4481350b92
x-envoy-upstream-service-time: 26
x-amz-id-2: YAPw4PjTqH4tTeEqCBov8OxEm9X8KH7HqPTStwQG6XfRclrcVGcM0Edq0WbRvKVu1U5CqZJ3N5E=
x-evy-trace-listener: listener_https
x-request-id: e27bf431-4bed-4733-b587-1d4481350b92
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 03 Jan 2024 16:47:48 GMT
server: cloudflare
etag: W/"0a4de3e2e87b1aa46bd31e45d5532386"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbs6d
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8582eb7ff9909213-FRA
expires: Tue, 20 Feb 2024 01:24:11 GMT

GET
H2 200 9194921.js Show response
js.hs-banner.com/ 65 KB
18 KB 372ms
322ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/9194921.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/9194921.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb5378a30ee4ccb9328aa91047d7204296a91f04f7431d78fe83765f420d5acc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
x-amz-version-id: Zq258MIcc4t7g7aJ1OjIrJUXwADuVq7W
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: KHA4BPZR27ZGA33G
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 3a0ff4cc-2c05-446a-ba74-d96090e76ee3
x-envoy-upstream-service-time: 18
x-amz-id-2: J7vlyDok4wUYN9efBC/yxrztdWiVLV7U0PKdT1me0NPDn2XRaFPWdwLDVc52rPEuM23YCut3Gy0=
x-evy-trace-listener: listener_https
x-request-id: 3a0ff4cc-2c05-446a-ba74-d96090e76ee3
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 06 Feb 2024 16:58:07 GMT
server: cloudflare
etag: W/"25bcb65988169c47704fb3fdf8f42a20"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://winterthur.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-rk9w9
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8582eb800e624d95-FRA
expires: Tue, 20 Feb 2024 01:24:11 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/5683fc5e/ Frame 32D5 366 KB
47 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 23:43:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48183
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Feb 2025 23:43:46 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 32D5 53 KB
17 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adb0e74d3179802bb946d3487d460e61a98cdddfc16528a27fedb74e7f01de99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:32:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 492400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16886
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 08:32:31 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame 32D5 318 KB
95 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 23:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96927
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 18 Feb 2025 23:29:02 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 32D5 2 MB
777 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a625134502f8fae2ae5f7d003418199f4dce50c1c63b89178f95455e87b9b1e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795740
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 08:32:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 32D5 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.youtube.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:04:02 GMT
x-content-type-options: nosniff
age: 576909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:04:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 32D5 15 KB
15 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.youtube.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 13:40:25 GMT
x-content-type-options: nosniff
age: 387526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Feb 2025 13:40:25 GMT

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 235ms
166ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=9194921&conversations-embed=static-1.15480&mobile=false&messagesUtk=4d832c02183f45d393ef565599dadc6b&traceId=4d832c02183f45d393ef565599dadc6b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://winterthur.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://winterthur.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8582eb80cb2835e8-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 20 Feb 2024 01:19:11 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgI%2BghySlYCpbW8xSN2FhkXI0ZPpQ0EhnycVw0w%2F0E1JIZlZf8nsrecFxJ5Xd0SzzEzWimr4Eg%2BxCr6TJ5QZPa%2F2VI5s3fAa4DHvJLzz0LUJ0KwncsIFNbOSBVq1SoG2OaqARtsPrw%2FwbJjmLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 17
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-vxj62
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 2534fe9f-2d75-4a20-ad3a-b60666b85db9
x-request-id: 2534fe9f-2d75-4a20-ad3a-b60666b85db9
x-trace: 2B23C451BF5F673E715A5DC6BDD139542BBC58220C000000000000000000

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 249ms
249ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c17ce2f539969b2bb5137b9218d4ae4d3e113587999aa949d994dcde1f91f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
X-HubSpot-Messages-Uri: https://winterthur.com/de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9a9f0e7f-ae04-4272-a4ab-713ee23fe0a8
x-envoy-upstream-service-time: 114
content-length: 1474
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9a9f0e7f-ae04-4272-a4ab-713ee23fe0a8
server: cloudflare
x-trace: 2BEA65B74A0F41748D62877D3C294CD4C8B9F5EDAD000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://winterthur.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-mh9f5
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1ynYip6TGKLeVruZlEdNVn2hlf6AQ5kvZ3f145SbIhSSNvi1k0X54CvYbwH9z2Q1mmWPxY8aYYtTBETGtOzER%2Fe7va8573wWYwvCnnVcxTHUVsLteK3kgWXd0MTSx08Hdmn5tGSQpJCxo2Y6w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8582eb81bb7435e8-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 263 KB
89 KB 47ms
34ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KHK8PDQJZV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GCZZLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6e13eb85aa1918ca89f5375aa00cef75d64445ac78b3c258a1f3da00365cf40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Feb 2024 01:19:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 92ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GCZZLT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Feb 2024 23:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5462
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 20 Feb 2024 01:48:09 GMT

GET
H2 200 geschenkbox-mood-724e9597.webp
winterthur.com/assets/images/0/ 94 KB
95 KB 54ms
52ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/0/geschenkbox-mood-724e9597.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 3ba20842bc686bf0737ae9db6d0162d8df73781bddb2f65494a2f93f3e480b57

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Thu, 01 Feb 2024 01:38:21 GMT
server: nginx
etag: "178e6-610480cfbdc01"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 96486

GET
H2 200 weinwanderung-galluskapelle-6b14c6f4.webp
winterthur.com/assets/images/d/ 199 KB
199 KB 54ms
52ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/d/weinwanderung-galluskapelle-6b14c6f4.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 6f17fdb45a0c68fc471e5f45aed588768e97dc0242ea75ce4d4be96a70efc9df

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Wed, 14 Feb 2024 04:42:55 GMT
server: nginx
etag: "31c64-6115024f283ef"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 203876

GET
H2 200 Hofladen%20Martella%20Hof%20Herbst%202023_1-c2054631.webp
winterthur.com/assets/images/2/ 142 KB
142 KB 55ms
53ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/2/Hofladen%20Martella%20Hof%20Herbst%202023_1-c2054631.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: b1d2b57c4cc6dddac218204fb58256abbe0fc42302a1ae8d4fb505ef75f6f2ef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Sat, 03 Feb 2024 00:17:30 GMT
server: nginx
etag: "23696-6106f277aed46"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 145046

GET
H2 200 team%20grab-4fde4904.webp
winterthur.com/assets/images/0/ 133 KB
134 KB 67ms
66ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/0/team%20grab-4fde4904.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 3a3172b01ced74fd7589eb5dc59fffc7f36942120aa6bcffbe65b9e300357e92

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Thu, 01 Feb 2024 01:38:20 GMT
server: nginx
etag: "21574-610480cedce59"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 136564

GET
H2 200 restaurant-strickers-62ad4513.webp
winterthur.com/assets/images/b/ 84 KB
84 KB 71ms
69ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/b/restaurant-strickers-62ad4513.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: c16d053dfd33fa8404fa522de0f2be81622ce0c3eb7deb8088a49c8ec45121a4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Mon, 12 Feb 2024 00:29:22 GMT
server: nginx
etag: "14eba-611245e8053e0"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 85690

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 117ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KHK8PDQJZV&gtm=45je42e0v871324153z8855358186za200&_p=1708391951011&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1804087311.1708391952&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708391951&sct=1&seg=0&dl=https%3A%2F%2Fwinterthur.com%2Fde%2F&dt=Winterthur%20Switzerland%20-%20House%20of%20Winterthur&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1749
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHK8PDQJZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 01:19:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winterthur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 111ms
35ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KHK8PDQJZV&cid=1804087311.1708391952&gtm=45je42e0v871324153z8855358186za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KHK8PDQJZV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 01:19:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winterthur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 120ms
45ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KHK8PDQJZV&cid=1804087311.1708391952&gtm=45je42e0v871324153z8855358186za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&z=247191149

Requested by

Host: winterthur.com
URL: https://winterthur.com/de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 01:19:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 32D5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

29ms
28ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d0cb0d3fdd3b5d367bc257582f488104eec50a8003a3241f07de4b121a68203

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Feb 2024 01:19:11 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 32D5 29 B
495 B 75ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:12:15 GMT
x-content-type-options: nosniff
age: 416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Feb 2024 01:27:15 GMT

OPTIONS
H2 200 posts
api.flockler.app/v2/17159abba35059d6930d36c151dafd54/ Frame 0
0 109ms
43ms Preflight 2600:9000:20c3:7a00:1:1ee4:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flockler.app/v2/17159abba35059d6930d36c151dafd54/posts?embedUuid=17c99bb329c0536ada95a26503b5197c&count=12&filterBySectionIds[]=40298&include[products]=true&reqType=loadInitial

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c3:7a00:1:1ee4:a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-fl-api-key,x-fl-embed-location
Access-Control-Request-Method: GET
Origin: https://plugins.flockler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=5, must-revalidate
date: Tue, 20 Feb 2024 01:19:11 GMT
server: openresty
strict-transport-security: max-age=63072000; preload
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
x-amz-cf-id: Gd3SzMNGfgtgwN0D4A_RxJVo27Vxpiykg4wMTkhaOkq2kwpSKG3pnw==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 loading.gif
fl-1.cdn.flockler.com/embed/ Frame 245E 4 KB
4 KB 23ms
22ms Image
image/gif 2600:9000:225e:c200:1a:4777:d980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fl-1.cdn.flockler.com/embed/loading.gif
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c200:1a:4777:d980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d3392bf20045832b864377d90961d6d34e066c0dc3098bf9585e2fabed40283c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:16:41 GMT
via: 1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 210
x-cache: Hit from cloudfront
content-length: 3796
x-trans-id: tx25da465c9c6c470fa6a9c-0065cde5d1lon3
last-modified: Fri, 20 Nov 2020 07:16:56 GMT
etag: "4547445219ed36d13458aa3a229b9828"
content-type: image/gif
x-timestamp: 1605856615.62796
cache-control: public, max-age=858
x-static-large-object: True
accept-ranges: bytes
x-amz-cf-id: GJCFdU27Bah8VnXTuSFjf1haFXqqpGyiW12GTXtWQBQy_0GKmRqugA==
expires: Tue, 20 Feb 2024 01:29:59 GMT

GET
H2 200 posts Show response
api.flockler.app/v2/17159abba35059d6930d36c151dafd54/ Frame 245E 30 KB
7 KB 160ms
160ms Fetch
application/json 2600:9000:20c3:7a00:1:1ee4:a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.flockler.app/v2/17159abba35059d6930d36c151dafd54/posts?embedUuid=17c99bb329c0536ada95a26503b5197c&count=12&filterBySectionIds[]=40298&include[products]=true&reqType=loadInitial

Requested by

Host: plugins.flockler.com
URL: https://plugins.flockler.com/embed/v3/embed-wall_v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20c3:7a00:1:1ee4:a40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

c35a245f0be517e3bfd57278300abb58f2b367d3598048cb0c3edc1105cedf3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
X-FL-Embed-Location: https://plugins.flockler.com/embed/iframe/17159abba35059d6930d36c151dafd54/17c99bb329c0536ada95a26503b5197c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-FL-API-Key: 552803d8911ea315334ac57ef4839ebd625beb64

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
strict-transport-security: max-age=63072000; preload
x-content-type-options: nosniff
content-encoding: gzip
x-amz-cf-pop: MUC50-C1
via: 1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-request-id: a9f71bb32024e287f52d98498b41ada9
x-ua-compatible: IE=edge
x-runtime: 0.113841
last-modified: Tue, 20 Feb 2024 01:19:11 GMT
server: openresty
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5, must-revalidate
access-control-allow-max-age: 86400
x-amz-cf-id: _KaEJw1ID8zWKr0ypv-NybChOO76P4CPJc7Et2PMP4usx8FEEgSHiw==

GET
H2 200 velo-faescht-2-min-a8046bcc.webp
winterthur.com/assets/images/6/ 173 KB
174 KB 44ms
43ms Image
image/webp 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/6/velo-faescht-2-min-a8046bcc.webp
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 808fe531c6e9695d82459cfada6e511f6042900d39f5f01d9149bddd5b178ab7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
last-modified: Wed, 07 Feb 2024 03:01:57 GMT
server: nginx
etag: "2b53a-610c1eb03134b"
vary: Origin
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 177466

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
221 B 28ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1170849849&t=pageview&_s=1&dl=https%3A%2F%2Fwinterthur.com%2Fde%2F&ul=en-us&de=UTF-8&dt=Winterthur%20Switzerland%20-%20House%20of%20Winterthur&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1832594686&gjid=79104857&cid=1804087311.1708391952&tid=UA-100570488-8&_gid=1569242104.1708391952&_r=1&_slc=1&gtm=45He42e0n815GCZZLTv855358186za200&gcd=13l3l3l3l1&dma=0&z=644795034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

c1923ab7c1ee44da0c91fac0b206a82f45553b13f91dbd1fff8b6bdd90e1d519

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Feb 2024 01:19:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winterthur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 84ms
30ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 20 Feb 2024 01:19:11 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 32D5 86 KB
40 KB 41ms
41ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71860dfb9583c313d757437483894d70ffca9405fc373d6919c73516f37dd95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.google.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40755
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 32D5 118 KB
33 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

995d911b164843c6c2eb0a86d028f14e5d08971da5b51681b60f478bd781d8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 08:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 492359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34032
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 05:24:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 13 Feb 2025 08:33:12 GMT

GET
H2 200 nML6sO0rp_owOkRMsF5s0qJry7DmnW_dXxSd8CRnFU8.js Show response
www.google.com/js/th/ Frame 32D5 50 KB
20 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/nML6sO0rp_owOkRMsF5s0qJry7DmnW_dXxSd8CRnFU8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc2fab0ed2ba7fa303a444cb05e6cd2a26bcbb0e69d6fdd5f149df02467154f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 23:46:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 23:46:03 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/qRgctrFz7_s/ Frame 32D5 44 KB
45 KB 86ms
31ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qRgctrFz7_s/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGEsgYyhlMA8=&rs=AOn4CLApOoYhIBuhHsmovrBmldK3EYkX0w

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb263439edf30551f985827ca0f5c11710a1a0060aba81a8b4e11bd9f85e81dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45158
x-xss-protection: 0
server: sffe
etag: "1677240224"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Feb 2024 03:19:11 GMT

GET
DATA 200
OK truncated
/ Frame 32D5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZSIRiI9GP2Kiv58iD7asEE8x-4AwjCRBgey01qVoA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 32D5 3 KB
3 KB 119ms
37ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZSIRiI9GP2Kiv58iD7asEE8x-4AwjCRBgey01qVoA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d7cf625a0c4138f704ff1c7a396205e31080f517891d04d672628ba8a3c1861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 21:55:59 GMT
x-content-type-options: nosniff
age: 12192
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2855
x-xss-protection: 0
server: fife
etag: "v4d8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 20 Feb 2024 21:55:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 33ms
33ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-100570488-8&cid=1804087311.1708391952&jid=1832594686&gjid=79104857&_gid=1569242104.1708391952&_u=YADAAEAAAAAAACAAI~&z=1892570674

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Feb 2024 01:19:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://winterthur.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 404 js
www.googletagmanager.com/gtag/ 0
0 34ms
34ms Script
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.googletagmanager.com/gtag/js?id=G-R27XQF5LVW&cx=c&_slc=1
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H2 204 view Show response
js.hs-banner.com/cookie-banner-public/v1/activity/ 0
173 B 138ms
138ms XHR
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/cookie-banner-public/v1/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/9194921.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7f9a011b-9b0f-4f1c-9b34-289e808e4153
x-envoy-upstream-service-time: 17
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7f9a011b-9b0f-4f1c-9b34-289e808e4153
server: cloudflare
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://winterthur.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary: origin
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-rk9w9
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8582eb84cfb335f3-FRA

OPTIONS
H2 200 view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 0
0 354ms
309ms Preflight
application/octet-stream 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://winterthur.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://winterthur.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 8582eb82df2b35f3-FRA
content-length: 0
content-type: application/octet-stream
date: Tue, 20 Feb 2024 01:19:12 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-hgmm2
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 46d9c4d5-3d6f-42f6-9f11-f1196e2f622d
x-request-id: 46d9c4d5-3d6f-42f6-9f11-f1196e2f622d

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 32D5 4 KB
2 KB 105ms
51ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 01:19:11 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 32D5 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?unIjRg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/qRgctrFz7_s?modestbranding=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 32D5 90 B
134 B 35ms
35ms XHR
application/json+protobuf 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c01cf3910e58c009f6774db999e6f6ca451f09e4206cb8c88e8d9224d4b57fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.google.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 20 Feb 2024 01:19:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 31ms
30ms Preflight
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 20 Feb 2024 01:19:11 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 4d832c02183f45d393ef565599dadc6b Show response
app.hubspot.com/conversations-visitor/9194921/threads/utk/ Frame 8D5E 52 KB
20 KB 230ms
188ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/9194921/threads/utk/4d832c02183f45d393ef565599dadc6b?uuid=544085e2860a4c77b06256b6c4031925&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=winterthur.com&inApp53=false&messagesUtk=4d832c02183f45d393ef565599dadc6b&url=https%3A%2F%2Fwinterthur.com%2Fde%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00f82510fc38c1d97a2d1ffc9741f063c2c24a6358fd357f52dca89892c8778d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Referer: https://winterthur.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

access-control-allow-credentials: false
age: 789
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 8582eb83a9cf4d94-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.17932/html/index.html&cfRay=8582eb83a9cf4d94&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F9194921%2Fthreads%2Futk%2F4d832c02183f45d393ef565599dadc6b%3Fuuid%3D544085e2860a4c77b06256b6c4031925%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dwinterthur.com%26inApp53%3Dfalse%26messagesUtk%3D4d832c02183f45d393ef565599dadc6b%26url%3Dhttps%253A%252F%252Fwinterthur.com%252Fde%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwinterthur.com%2F&cfenv=prod&pdt=2024-02-20&csp=ro
content-type: text/html; charset=utf-8
date: Tue, 20 Feb 2024 01:19:12 GMT
etag: W/"d4aa93d87df56bd57c89ae337ce0d155"
last-modified: Thu, 15 Feb 2024 15:13:02 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=8582eb83a9cf4d94&resource=conversations-visitor-ui/static-1.17932/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 caafbc8a9aa04b09dd564a3ddef60622.cloudfront.net (CloudFront)
x-amz-cf-id: UkmRYUrAbVWMZiiX3la0rGDEq4UISSg_dHgYvgTIM3BNPiuEKG7SHA==
x-amz-cf-pop: IAD12-P3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: O.AlTENDwtCGVNAvszq8XbdWDSqkkDoa
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-748b697-mjwfl
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.17932/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: c1e2af5a-350e-4412-94d4-7e5ce1c35177
x-request-id: c1e2af5a-350e-4412-94d4-7e5ce1c35177

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/121/ Frame 32D5 50 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/121/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 05:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 16:05:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 20 Feb 2024 05:08:05 GMT

OPTIONS
H2 200 17159abba35059d6930d36c151dafd54
stats-api.flockler.app/v1/stats/ Frame 0
0 104ms
20ms Preflight
application/json 13.225.78.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-api.flockler.app/v1/stats/17159abba35059d6930d36c151dafd54?campaignId=4698&postIds=138631150,138678754,138865303,138941243,138942061,139284795,139290475,139349161,139448824,139661250,139717900,139803087&sig=2586ed71328f75ed1a218ea35d8b2d389355f1863029a6b8b92e50ee277283b5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-114.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://plugins.flockler.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,X-Amzn-Trace-Id
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: *
age: 46197
content-length: 0
content-type: application/json
date: Mon, 19 Feb 2024 12:29:15 GMT
via: 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront), 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-apigw-id: TYhwSHT3liAEZ7w=
x-amz-cf-id: e2mLU4Rk3CvILe7Xu16JCDTosdrSqUKX_JO8HqaedCW5YoJNwcF6uw==
x-amz-cf-pop: FRA60-P5 FRA2-C2
x-amzn-requestid: 7abd7164-3853-4ee3-8463-1b4f2037bdb3
x-cache: Hit from cloudfront

GET
H2 200 17159abba35059d6930d36c151dafd54 Show response
stats-api.flockler.app/v1/stats/ Frame 245E 2 KB
823 B 78ms
78ms Fetch
application/json 13.225.78.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stats-api.flockler.app/v1/stats/17159abba35059d6930d36c151dafd54?campaignId=4698&postIds=138631150,138678754,138865303,138941243,138942061,139284795,139290475,139349161,139448824,139661250,139717900,139803087&sig=2586ed71328f75ed1a218ea35d8b2d389355f1863029a6b8b92e50ee277283b5
Requested by: Host: plugins.flockler.com
URL: https://plugins.flockler.com/embed/v3/embed-wall_v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-114.fra2.r.cloudfront.net
Software: /
Resource Hash: 90d0b15bf00752cb624b1bd82eb8884633c89ac4d54f9f069c89195175916c2f

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
content-encoding: gzip
via: 1.1 b459d8cae3f218ce39711fc3ecdcc998.cloudfront.net (CloudFront), 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5, FRA2-C2
x-amzn-requestid: 3da1b8fc-8f12-4afc-9255-8158f5a1d260
x-amzn-trace-id: Root=1-65d3fe10-75288acc400b5e3f7c49ebea;Parent=54ce490ac91ddbb8;Sampled=0;lineage=4b587ea5:0
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=900, stale-while-revalidate=30, stale-if-error=30
x-amz-apigw-id: TaSijFxSFiAEQrA=
content-length: 283
x-amz-cf-id: 5X8yjTF5CkHjc99xGZs_Fiss47nE6vc6mIGlF-dvwZyrnNq5Hnr5vA==

GET
DATA 200
OK truncated
/ Frame 245E 551 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 329eba2ea07aa894509e990ca7a2b11765d386135beda3827e63e54c0f6a71d5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

424706677_811745000993399_5139466497225258440_n.jpg
scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/ Frame 245E
Redirect Chain

https://media-api.flockler.com/facebook/image/169059432553_811746610993238
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/424706677_811745000993399_5139466497225258440_n.jpg?stp=dst-jpg_p720x720&_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=YkrcY9QFnyMAX95VAek&_nc_ht=sco...

66 KB
66 KB

65ms
23ms

Image
image/jpeg

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/424706677_811745000993399_5139466497225258440_n.jpg?stp=dst-jpg_p720x720&_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=YkrcY9QFnyMAX95VAek&_nc_ht=scontent-fra5-2.xx&edm=AKIiGfEEAAAA&oh=00_AfBnknE38O8iy_DpxcE3k2ATdCMTfxOu64Y69vs_mWmyUw&oe=65D4E364
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: dc877dded5a6b7a7ddb2a493cd735de9b5a418b0ce2ba20497666e2778b5b706

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 16 Feb 2024 12:08:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=23154903
thrift_fmhk: GBD5iViB1zAbg+SXBKd50uIrFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 374707696
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 67597

Redirect headers

date: Fri, 16 Feb 2024 12:24:46 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Feb 2024 12:18:46 GMT
x-amz-cf-pop: FRA56-P7
age: 305666
x-cache: Hit from cloudfront
location: https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/424706677_811745000993399_5139466497225258440_n.jpg?stp=dst-jpg_p720x720&_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=YkrcY9QFnyMAX95VAek&_nc_ht=scontent-fra5-2.xx&edm=AKIiGfEEAAAA&oh=00_AfBnknE38O8iy_DpxcE3k2ATdCMTfxOu64Y69vs_mWmyUw&oe=65D4E364
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: AZLhwoMHNI85gpFMAF8QXXpJ5uGAkEBlM-afnRMI8Y88PfZ417ruHQ==
content-length: 0
apigw-requestid: TOoSShCpFiAEMiQ=
expires: Tue, 20 Feb 2024 17:37:40 GMT

GET
H2

200

327546155_913219429692259_9117198788145340909_n.png
scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/ Frame 245E
Redirect Chain

https://media-api.flockler.com/facebook/profile_image/169059432553
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/327546155_913219429692259_9117198788145340909_n.png?stp=cp0_dst-png_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=4da83f&_nc_ohc=PD9VFKZnhxoAX9kUMTH&_nc_oc=A...

2 KB
2 KB

64ms
22ms

Image
image/png

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/327546155_913219429692259_9117198788145340909_n.png?stp=cp0_dst-png_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=4da83f&_nc_ohc=PD9VFKZnhxoAX9kUMTH&_nc_oc=AQm5Dv4A3LIeZVktrIzv1zX8NkRViX6xJhNwMOcaGOpyI6yVVuv4ELnOjH-w1axRHEQ&_nc_ht=scontent-fra5-2.xx&edm=AKIiGfEEAAAA&oh=00_AfC_MjTCTroYixQjKXB_oxP0Q0RyBIdToYHIzMGGKMdQlA&oe=65D4D13C
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3e25ccb231e522e36bd9e4fb569c327b5c9f5665c7fe66ab2504fb64fff349c6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 25 Jan 2023 13:17:58 GMT
content-type: image/png
access-control-allow-origin: *
content-digest: adler32=3128163943
thrift_fmhk: GBC9NEY/4Rafz/kFW2LAka/MFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3565916033
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1617

Redirect headers

date: Mon, 19 Feb 2024 14:03:51 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Feb 2024 12:18:47 GMT
x-amz-cf-pop: FRA56-P7
age: 40521
x-cache: Hit from cloudfront
location: https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-1/327546155_913219429692259_9117198788145340909_n.png?stp=cp0_dst-png_p50x50&_nc_cat=106&ccb=1-7&_nc_sid=4da83f&_nc_ohc=PD9VFKZnhxoAX9kUMTH&_nc_oc=AQm5Dv4A3LIeZVktrIzv1zX8NkRViX6xJhNwMOcaGOpyI6yVVuv4ELnOjH-w1axRHEQ&_nc_ht=scontent-fra5-2.xx&edm=AKIiGfEEAAAA&oh=00_AfC_MjTCTroYixQjKXB_oxP0Q0RyBIdToYHIzMGGKMdQlA&oe=65D4D13C
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: 4WyiH_JT9q7_qX-AGJ65f8tYRpz3tBJC-lYbtz9iOR7DVm9KZN60PQ==
content-length: 0
apigw-requestid: TYvnRg1sliAEMdw=
expires: Tue, 20 Feb 2024 02:03:51 GMT

GET
H2

200

426672577_947607583465618_4463081975513825703_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ Frame 245E
Redirect Chain

https://media-api.flockler.com/instagram/video_cover/3302699096513013041
https://scontent.cdninstagram.com/v/t51.2885-15/426672577_947607583465618_4463081975513825703_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=110&_nc_ohc=3sRdE23jRUwA...

162 KB
162 KB

427ms
399ms

Image
image/jpeg

2a03:2880:f276:1c3:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/426672577_947607583465618_4463081975513825703_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=110&_nc_ohc=3sRdE23jRUwAX9vPmkO&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfB7wmhG33_fwThvB4pbeSwS-77fIlaa0g1CAZofC4fzqw&oe=65D45C3F&_nc_sid=cc8940
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b4cc378621eebcf1a0bd676ddb79323607aa5d4e5b4330dcfbe5b593b4118217

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 14 Feb 2024 17:45:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=332150464
thrift_fmhk: GBBnfzFRrRQiSKUXlAvsD9U8Feq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: tf0NDGatKuyMyDVbev8tNiEe8VIZ-G-5ncoWKqmtqhKoJdxpIY1A8_CZA9aRTSCdkWgRKHAM6BBocWr-xZNDl1h1-0tcCU9RdVT5Yk4CXlRmAST2nzwgP_s0DTZKEMDm
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2696651645
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 165716

Redirect headers

date: Mon, 19 Feb 2024 23:51:56 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Feb 2024 23:51:55 GMT
x-amz-cf-pop: FRA56-P7
age: 5236
x-cache: Hit from cloudfront
location: https://scontent.cdninstagram.com/v/t51.2885-15/426672577_947607583465618_4463081975513825703_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=110&_nc_ohc=3sRdE23jRUwAX9vPmkO&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfB7wmhG33_fwThvB4pbeSwS-77fIlaa0g1CAZofC4fzqw&oe=65D45C3F&_nc_sid=cc8940
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: ICjDTXNLyOCK1SfRLva7c3lt18gHnD2YdcqIll_hYDhVBa_6FZIzSg==
content-length: 0
apigw-requestid: TaFwXjw3liAEPPA=
expires: Tue, 20 Feb 2024 08:01:03 GMT

GET
H2

200

66315719_1132101773658894_3652110584138170368_n.jpg
scontent-fra3-1.xx.fbcdn.net/v/t51.2885-15/ Frame 245E
Redirect Chain

https://media-api.flockler.com/instagram/profile_image/lovewinterthur
https://scontent-fra3-1.xx.fbcdn.net/v/t51.2885-15/66315719_1132101773658894_3652110584138170368_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=7d201b&_nc_ohc=wXtdPw7jlLMAX8M3MSF&_nc_ht=scontent-fra3-1.xx&edm=A...

39 KB
39 KB

71ms
23ms

Image
image/jpeg

2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-1.xx.fbcdn.net/v/t51.2885-15/66315719_1132101773658894_3652110584138170368_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=7d201b&_nc_ohc=wXtdPw7jlLMAX8M3MSF&_nc_ht=scontent-fra3-1.xx&edm=AL-3X8kEAAAA&oh=00_AfCkmqYHvYyj-kwJmXJ-Jb0OJKWspkrE72h_1P1xv5foUg&oe=65D6F4B0
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9c404a6bdc894bcff014a94189321d8722c3c5a4273a0ddee7eb2d01680c03e1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 12 Jul 2019 13:22:47 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=561382833
thrift_fmhk: GBCtt2mMTTndBVGTTFSNjY9sFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 561382833
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 39850

Redirect headers

date: Mon, 19 Feb 2024 14:03:51 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Sat, 17 Feb 2024 19:28:02 GMT
x-amz-cf-pop: FRA56-P7
age: 40521
x-cache: Hit from cloudfront
location: https://scontent-fra3-1.xx.fbcdn.net/v/t51.2885-15/66315719_1132101773658894_3652110584138170368_n.jpg?_nc_cat=105&ccb=1-7&_nc_sid=7d201b&_nc_ohc=wXtdPw7jlLMAX8M3MSF&_nc_ht=scontent-fra3-1.xx&edm=AL-3X8kEAAAA&oh=00_AfCkmqYHvYyj-kwJmXJ-Jb0OJKWspkrE72h_1P1xv5foUg&oe=65D6F4B0
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: rWRbCFiqgL3Pk3LOqMmcCv1CIELXGEWCdrRrZlRdff5LbM_5nxOWKA==
content-length: 0
apigw-requestid: TYvnSjpgFiAEJmA=
expires: Tue, 20 Feb 2024 02:03:51 GMT

GET
H2

200

424583467_809597181208181_3585606812642374513_n.jpg
scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/ Frame 245E
Redirect Chain

https://media-api.flockler.com/facebook/image/169059432553_809887271179172
https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/424583467_809597181208181_3585606812642374513_n.jpg?stp=cp1_dst-jpg_p720x720&_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=FwZ9SkkdNjsAX9bTd1C&_nc_ht...

88 KB
88 KB

65ms
23ms

Image
image/jpeg

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/424583467_809597181208181_3585606812642374513_n.jpg?stp=cp1_dst-jpg_p720x720&_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=FwZ9SkkdNjsAX9bTd1C&_nc_ht=scontent-fra5-2.xx&edm=AJfPMC4EAAAA&oh=00_AfDJPWU96id9hgl48Jf6hjINdkSbO2t2Ti9c3vOpwkcrSg&oe=65D66B4A
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e11e925b2b99903d54881e76720976d1ba30e6b0300559248f829e580034895e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 13 Feb 2024 07:49:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2355931444
thrift_fmhk: GBCD2wB81Ud6b1abwT3cb4xKFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1839180581
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 89749

Redirect headers

date: Sat, 17 Feb 2024 10:23:16 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Sat, 17 Feb 2024 10:23:16 GMT
x-amz-cf-pop: FRA56-P7
age: 226556
x-cache: Hit from cloudfront
location: https://scontent-fra5-2.xx.fbcdn.net/v/t39.30808-6/424583467_809597181208181_3585606812642374513_n.jpg?stp=cp1_dst-jpg_p720x720&_nc_cat=109&ccb=1-7&_nc_sid=3635dc&_nc_ohc=FwZ9SkkdNjsAX9bTd1C&_nc_ht=scontent-fra5-2.xx&edm=AJfPMC4EAAAA&oh=00_AfDJPWU96id9hgl48Jf6hjINdkSbO2t2Ti9c3vOpwkcrSg&oe=65D66B4A
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: doNWU6doePrAEel8WxDFCFtPYfhUs06ClUuAcTI3y42MbDjYldL5-A==
content-length: 0
apigw-requestid: TRpbJgOGliAEJug=
expires: Wed, 21 Feb 2024 21:29:46 GMT

GET
H2

200

425750198_1594576537947617_3430253196178176143_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ Frame 245E
Redirect Chain

https://media-api.flockler.com/instagram/image/3298882588699568101
https://scontent.cdninstagram.com/v/t51.2885-15/425750198_1594576537947617_3430253196178176143_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=105&_nc_ohc=2LNaptDK39E...

87 KB
87 KB

125ms
79ms

Image
image/jpeg

2a03:2880:f276:1c3:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/425750198_1594576537947617_3430253196178176143_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=105&_nc_ohc=2LNaptDK39EAX-Jw7td&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfDnvuaiO7b0mQDSVr7o_yacBwC9CPj_FS7B_jQi6bdefg&oe=65D4401B&_nc_sid=cc8940
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b82ecc39937f2a933a2306ea967d87333ee9a6a67e03788201927c1467ec4bfa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 09 Feb 2024 11:12:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3679184779
thrift_fmhk: GBAKmao07v1LhPZvEc/5s3VNFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: e5Kceccr5DS2Mrej7kZkqH84oVj3I2o2mM3iyHrItl9CJSrcGq5WF5tffesSlc5-YbXiLubtrcrxYUNR7T2_NxpQGXmkv1379xGH6muMCX2wnKGd-ZOjoS4vEVnlNpnw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3078724028
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 88858

Redirect headers

date: Mon, 19 Feb 2024 22:29:06 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Feb 2024 22:29:06 GMT
x-amz-cf-pop: FRA56-P7
age: 10206
x-cache: Hit from cloudfront
location: https://scontent.cdninstagram.com/v/t51.2885-15/425750198_1594576537947617_3430253196178176143_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=105&_nc_ohc=2LNaptDK39EAX-Jw7td&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfDnvuaiO7b0mQDSVr7o_yacBwC9CPj_FS7B_jQi6bdefg&oe=65D4401B&_nc_sid=cc8940
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: 4Ul-Qc-OpDwTrRZ6RkqsJo0bTS4hHBom3UF1X77vo1A1uV1UTmdkNQ==
content-length: 0
apigw-requestid: TZ5n4jkUFiAEJ4w=
expires: Tue, 20 Feb 2024 06:00:59 GMT

GET
H2

200

424974540_804924015008831_6828235389321307188_n.jpg
scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/ Frame 245E
Redirect Chain

https://media-api.flockler.com/facebook/image/169059432553_805693591598540
https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/424974540_804924015008831_6828235389321307188_n.jpg?stp=dst-jpg_p720x720&_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=EsIijLVJ9_AAX8soymP&_nc_ht=sco...

76 KB
76 KB

63ms
21ms

Image
image/jpeg

2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/424974540_804924015008831_6828235389321307188_n.jpg?stp=dst-jpg_p720x720&_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=EsIijLVJ9_AAX8soymP&_nc_ht=scontent-fra3-2.xx&edm=AJfPMC4EAAAA&oh=00_AfDeX4n034qJ0Q7Z__HlsKosbK1ONLldMWMUUfVx7Y7Qvg&oe=65D4933A
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 58b47872d76a1a7410192d142d09a21932938fcff1f8564d248d53d510ca4edb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 06 Feb 2024 12:49:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2586959373
thrift_fmhk: GBB6ogQkn/5sEzG7DGa2jAmKFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 78421682
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 77469

Redirect headers

date: Fri, 16 Feb 2024 00:29:55 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Feb 2024 00:29:55 GMT
x-amz-cf-pop: FRA56-P7
age: 348557
x-cache: Hit from cloudfront
location: https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/424974540_804924015008831_6828235389321307188_n.jpg?stp=dst-jpg_p720x720&_nc_cat=104&ccb=1-7&_nc_sid=3635dc&_nc_ohc=EsIijLVJ9_AAX8soymP&_nc_ht=scontent-fra3-2.xx&edm=AJfPMC4EAAAA&oh=00_AfDeX4n034qJ0Q7Z__HlsKosbK1ONLldMWMUUfVx7Y7Qvg&oe=65D4933A
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: a1DS-vU9IrbcW9ID-kzehHovcGgAd8NZcXRyUKuI1Gnm2-pzkeVDpw==
content-length: 0
apigw-requestid: TM_kjjX7liAEMBA=
expires: Tue, 20 Feb 2024 11:55:38 GMT

GET
H2

200

417418933_18414829366055462_8404860809410558075_n.jpg
scontent.cdninstagram.com/v/t39.30808-6/ Frame 245E
Redirect Chain

https://media-api.flockler.com/instagram/image/3296808885577047520
https://scontent.cdninstagram.com/v/t39.30808-6/417418933_18414829366055462_8404860809410558075_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=B_eWbhQhZP...

77 KB
77 KB

64ms
36ms

Image
image/jpeg

2a03:2880:f276:1c3:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t39.30808-6/417418933_18414829366055462_8404860809410558075_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=B_eWbhQhZPkAX-m-I2C&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfAyQtKTi-TzFapWzKN_ddjB324Fg1gRwFHa6YJs3DeEkg&oe=65D46ED8&_nc_sid=cc8940
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: caf5923b8dd6d7465690aee71c86bb3e3a6966010be0ab236118e992b499fc2d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 06 Feb 2024 14:19:27 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3053520779
thrift_fmhk: GBDisMNy6g/3Izgl8kTm/XpqFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: bg7x0LuGwz5HhesGoxJOZx3uVwZPb-bAjr1cvhvyaYjVdKqn3vP9P5kSz2YPPSmHRDchf8vQrR18ab5Fs7r5SW2VW0tfWCx_uoXMXMkGt7HJzMgrKMjFEYJYL-osHFEI
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2428388844
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 78451

Redirect headers

date: Tue, 20 Feb 2024 00:29:13 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 00:29:12 GMT
x-amz-cf-pop: FRA56-P7
age: 2999
x-cache: Hit from cloudfront
location: https://scontent.cdninstagram.com/v/t39.30808-6/417418933_18414829366055462_8404860809410558075_n.jpg?stp=dst-jpg_e35_s640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=B_eWbhQhZPkAX-m-I2C&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfAyQtKTi-TzFapWzKN_ddjB324Fg1gRwFHa6YJs3DeEkg&oe=65D46ED8&_nc_sid=cc8940
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: OeKJGrYuvQu7sQgtal8s1uERrwcUJ6e0dtHKHSmvaykq4GIa6mMbTQ==
content-length: 0
apigw-requestid: TaLN0hBZFiAEJNw=
expires: Tue, 20 Feb 2024 09:20:24 GMT

GET
H2

200

8620226403532133371
external-fra5-2.xx.fbcdn.net/emg1/v/t13/ Frame 245E
Redirect Chain

https://media-api.flockler.com/facebook/image/169059432553_804919368342629
https://external-fra5-2.xx.fbcdn.net/emg1/v/t13/8620226403532133371?url=https%3A%2F%2Fwww.casinotheater.ch%2Fwp-content%2Fuploads%2F2023%2F10%2FFoto_mit_Titel_web-breit.jpg&fb_obo=1&utld=casinothea...

83 KB
83 KB

74ms
24ms

Image
image/jpeg

2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://external-fra5-2.xx.fbcdn.net/emg1/v/t13/8620226403532133371?url=https%3A%2F%2Fwww.casinotheater.ch%2Fwp-content%2Fuploads%2F2023%2F10%2FFoto_mit_Titel_web-breit.jpg&fb_obo=1&utld=casinotheater.ch&stp=c0.5000x0.5000f_dst-emg0_p720x720_q75&ccb=13-1&oh=06_AbGz_pOk-pp2CIwOMzLlVXqEpl1Gd1WnBdk-KgaU7jHLpw&oe=65D57069&_nc_sid=ef6713
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 13a39634396af1deac84d96472cee0e42b227db13946e5e84eeb4440e34d1b49

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
last-modified: Mon, 19 Feb 2024 15:42:14 GMT
x-fb-original-response-code: 200
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=40124945
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
x-fb-original-response-reason: OK
content-length: 84494
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 19 Feb 2024 15:42:13 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Feb 2024 15:42:13 GMT
x-amz-cf-pop: FRA56-P7
age: 34619
x-cache: Hit from cloudfront
location: https://external-fra5-2.xx.fbcdn.net/emg1/v/t13/8620226403532133371?url=https%3A%2F%2Fwww.casinotheater.ch%2Fwp-content%2Fuploads%2F2023%2F10%2FFoto_mit_Titel_web-breit.jpg&fb_obo=1&utld=casinotheater.ch&stp=c0.5000x0.5000f_dst-emg0_p720x720_q75&ccb=13-1&oh=06_AbGz_pOk-pp2CIwOMzLlVXqEpl1Gd1WnBdk-KgaU7jHLpw&oe=65D57069&_nc_sid=ef6713
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: Y4PGpd-pPH99pIdNyuyNQvspI01Ti4Gb7WzxzT5xfMkPpL-yyxAqDw==
content-length: 0
apigw-requestid: TY-BWicLFiAEJBw=
expires: Wed, 21 Feb 2024 03:39:21 GMT

GET
H2

200

421877428_800349022132997_4849432815086296271_n.jpg
scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/ Frame 245E
Redirect Chain

https://media-api.flockler.com/facebook/image/169059432553_801030578731508
https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/421877428_800349022132997_4849432815086296271_n.jpg?stp=dst-jpg_p720x720&_nc_cat=102&ccb=1-7&_nc_sid=3635dc&_nc_ohc=jmPY-RLinM8AX8qe4-T&_nc_ht=sco...

154 KB
154 KB

65ms
20ms

Image
image/jpeg

2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/421877428_800349022132997_4849432815086296271_n.jpg?stp=dst-jpg_p720x720&_nc_cat=102&ccb=1-7&_nc_sid=3635dc&_nc_ohc=jmPY-RLinM8AX8qe4-T&_nc_ht=scontent-fra5-1.xx&edm=AJfPMC4EAAAA&oh=00_AfDHGwbVabWdlo0F75lm3gmZeHnksw6MOWREPBYYw9wghg&oe=65D7D0F3
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 23b809f5974a53909a4a9f5c1ad4a90757697b00143cb7da4dcd226b478fc85c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 30 Jan 2024 12:36:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=574087585
thrift_fmhk: GBCfvVKWZWu2OikwIu2OgWWcFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2503364908
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 157600

Redirect headers

date: Sun, 18 Feb 2024 11:47:08 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Sun, 18 Feb 2024 11:47:08 GMT
x-amz-cf-pop: FRA56-P7
age: 135124
x-cache: Hit from cloudfront
location: https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/421877428_800349022132997_4849432815086296271_n.jpg?stp=dst-jpg_p720x720&_nc_cat=102&ccb=1-7&_nc_sid=3635dc&_nc_ohc=jmPY-RLinM8AX8qe4-T&_nc_ht=scontent-fra5-1.xx&edm=AJfPMC4EAAAA&oh=00_AfDHGwbVabWdlo0F75lm3gmZeHnksw6MOWREPBYYw9wghg&oe=65D7D0F3
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: Jj5qmfvvOWU2OQGmfA0Bg3Q7uPpyqlODUoHUFJP6_X1AvVJRZOuG7w==
content-length: 0
apigw-requestid: TVIpfiK4liAEPug=
expires: Thu, 22 Feb 2024 22:55:47 GMT

GET
H2

200

424581706_800350785466154_5466806842722875300_n.jpg
scontent.cdninstagram.com/v/t39.30808-6/ Frame 245E
Redirect Chain

https://media-api.flockler.com/instagram/image/3292502031657013608
https://scontent.cdninstagram.com/v/t39.30808-6/424581706_800350785466154_5466806842722875300_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=c4WvizbbnWwA...

127 KB
127 KB

125ms
79ms

Image
image/jpeg

2a03:2880:f276:1c3:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t39.30808-6/424581706_800350785466154_5466806842722875300_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=c4WvizbbnWwAX9OwFVy&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBE0JrSeCC4wlf3bPb8Qjpgm9SLDgH4lo6zmEmH6tmJuA&oe=65D4190E&_nc_sid=cc8940
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8b5e61e07a160f7756179994a2db653c60f8e62e784d0a2e2bf2436e9069b80e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 30 Jan 2024 12:40:12 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2786312155
thrift_fmhk: GBDI4CFbs7gvn4J8SD8BORriFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: AWCooazlNB6Fo9sLt0XaxHNrRL8BK4NyGDzh8zRVfZtqUHkrP587JbpsV6JtqQYLgggV8SXnLYi1a9hJQFjin5omCiRbDf1XI5OBtcSukedH66pfiWUqpnZvVphcCgLW
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3295127272
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 130093

Redirect headers

date: Mon, 19 Feb 2024 18:29:10 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Feb 2024 18:29:10 GMT
x-amz-cf-pop: FRA56-P7
age: 24602
x-cache: Hit from cloudfront
location: https://scontent.cdninstagram.com/v/t39.30808-6/424581706_800350785466154_5466806842722875300_n.jpg?stp=dst-jpg_e35_p640x640_sh0.08&_nc_ht=scontent.cdninstagram.com&_nc_cat=102&_nc_ohc=c4WvizbbnWwAX9OwFVy&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfBE0JrSeCC4wlf3bPb8Qjpgm9SLDgH4lo6zmEmH6tmJuA&oe=65D4190E&_nc_sid=cc8940
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: o3cJyHzyQCFAjKD-Dd9pzaeyImm2P9XMXk8yjdrUCIXbxKcn1y29zQ==
content-length: 0
apigw-requestid: TZWefjTOFiAEJrA=
expires: Tue, 20 Feb 2024 03:14:22 GMT

GET
H2

200

422029758_800269478807618_4218359626499342538_n.jpg
scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/ Frame 245E
Redirect Chain

https://media-api.flockler.com/facebook/image/169059432553_800272935473939
https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/422029758_800269478807618_4218359626499342538_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=3635dc&_nc_ohc=NG852FVD4sAAX8cyHwS&_nc_ht=scontent-fra3-2.xx&edm=A...

22 KB
22 KB

86ms
62ms

Image
image/jpeg

2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/422029758_800269478807618_4218359626499342538_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=3635dc&_nc_ohc=NG852FVD4sAAX8cyHwS&_nc_ht=scontent-fra3-2.xx&edm=AJfPMC4EAAAA&oh=00_AfBqXGko6W3M4zZSBrytdGOG28DjFiGzk3miA2n9H5WrqA&oe=65D531D8
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a28dd4cfe8632282c36afcc7751b82fce0e41e414fab274c6ff65962b43c6dfa

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Tue, 30 Jan 2024 09:42:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1412607707
thrift_fmhk: GBBk+ldFy4HhSSkmW3y2cjtrFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1412607707
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 22225

Redirect headers

date: Fri, 16 Feb 2024 12:02:37 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Feb 2024 11:59:46 GMT
x-amz-cf-pop: FRA56-P7
age: 306995
x-cache: Hit from cloudfront
location: https://scontent-fra3-2.xx.fbcdn.net/v/t39.30808-6/422029758_800269478807618_4218359626499342538_n.jpg?_nc_cat=107&ccb=1-7&_nc_sid=3635dc&_nc_ohc=NG852FVD4sAAX8cyHwS&_nc_ht=scontent-fra3-2.xx&edm=AJfPMC4EAAAA&oh=00_AfBqXGko6W3M4zZSBrytdGOG28DjFiGzk3miA2n9H5WrqA&oe=65D531D8
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: 1QCVnq_XPegeloyprmNVA-g3cAJMZ_bCPsbY-Av5GJqLoqpqkcWJDg==
content-length: 0
apigw-requestid: TOlClhFiliAEJpw=
expires: Tue, 20 Feb 2024 23:12:24 GMT

GET
H2

200

421901061_797601705741062_5391146600518689613_n.jpg
scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/ Frame 245E
Redirect Chain

https://media-api.flockler.com/facebook/image/169059432553_797602632407636
https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/421901061_797601705741062_5391146600518689613_n.jpg?stp=dst-jpg_p720x720&_nc_cat=110&ccb=1-7&_nc_sid=3635dc&_nc_ohc=m93dsoHM9ZcAX9CzpMS&_nc_ht=sco...

133 KB
134 KB

47ms
20ms

Image
image/jpeg

2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/421901061_797601705741062_5391146600518689613_n.jpg?stp=dst-jpg_p720x720&_nc_cat=110&ccb=1-7&_nc_sid=3635dc&_nc_ohc=m93dsoHM9ZcAX9CzpMS&_nc_ht=scontent-fra5-1.xx&edm=AJfPMC4EAAAA&oh=00_AfAHnByvwhGHqFtQX7EfgL1U1Mul90WMzNDt9JLjk3ft6g&oe=65D64770
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fab62a8b2cbe29c2089fc8691bf581417e00814d956cce49a4184647d2364a34

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 26 Jan 2024 12:32:22 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4292221592
thrift_fmhk: GBBSkShTNYqdogy+aFwUtmKIFfDr4Z0EvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2391926181
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 136551

Redirect headers

date: Sat, 17 Feb 2024 08:29:08 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Sat, 17 Feb 2024 08:29:08 GMT
x-amz-cf-pop: FRA56-P7
age: 233404
x-cache: Hit from cloudfront
location: https://scontent-fra5-1.xx.fbcdn.net/v/t39.30808-6/421901061_797601705741062_5391146600518689613_n.jpg?stp=dst-jpg_p720x720&_nc_cat=110&ccb=1-7&_nc_sid=3635dc&_nc_ohc=m93dsoHM9ZcAX9CzpMS&_nc_ht=scontent-fra5-1.xx&edm=AJfPMC4EAAAA&oh=00_AfAHnByvwhGHqFtQX7EfgL1U1Mul90WMzNDt9JLjk3ft6g&oe=65D64770
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: pZRsZlNM8ZRBf_Bk83AzIvEjXzfPFwBrg6J6J2zs3iDtzPWrU3AzDw==
content-length: 0
apigw-requestid: TRYtCjCWFiAEJWA=
expires: Wed, 21 Feb 2024 18:56:48 GMT

GET
H2

200

421731123_265764486388344_870056995808101300_n.jpg
scontent.cdninstagram.com/v/t51.2885-15/ Frame 245E
Redirect Chain

https://media-api.flockler.com/instagram/video_cover/3288102141749217134
https://scontent.cdninstagram.com/v/t51.2885-15/421731123_265764486388344_870056995808101300_n.jpg?stp=dst-jpg_e15_p640x640&_nc_ht=scontent.cdninstagram.com&_nc_cat=100&_nc_ohc=6tuOnktt56oAX_SUyhe&...

63 KB
63 KB

158ms
130ms

Image
image/jpeg

2a03:2880:f276:1c3:face:b00c:0:43fe
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.cdninstagram.com/v/t51.2885-15/421731123_265764486388344_870056995808101300_n.jpg?stp=dst-jpg_e15_p640x640&_nc_ht=scontent.cdninstagram.com&_nc_cat=100&_nc_ohc=6tuOnktt56oAX_SUyhe&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfABfyS0aYzpT2Jq6zeoyrNddFmEC813mzBcN59FMWXezg&oe=65D4615E&_nc_sid=cc8940
Requested by: Host: winterthur.com
URL: https://winterthur.com/de/
Protocol: H2
Server: 2a03:2880:f276:1c3:face:b00c:0:43fe Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 055afb25b1bf6f9820aa6a562cc8ed2688693e1026549aca2272090f8bbf84fd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 25 Jan 2024 14:23:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1163054438
thrift_fmhk: GBB0u8HxIIG6W8DuaD9/lWdkFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: xezmdp5XwpcQ3WHifdROku17vmEvo3AqU9rE9aSSYTPrxYM7g9a7McjIossN0y62uTMugbc7iSD5xmYn-8XDXiDXr8BD8ngGn4Tjt_JLpEKNjkMofHfyG2UfHGevO_1Y
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1576512786
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 64141

Redirect headers

date: Mon, 19 Feb 2024 23:51:56 GMT
via: 1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
last-modified: Mon, 19 Feb 2024 23:51:56 GMT
x-amz-cf-pop: FRA56-P7
age: 5236
x-cache: Hit from cloudfront
location: https://scontent.cdninstagram.com/v/t51.2885-15/421731123_265764486388344_870056995808101300_n.jpg?stp=dst-jpg_e15_p640x640&_nc_ht=scontent.cdninstagram.com&_nc_cat=100&_nc_ohc=6tuOnktt56oAX_SUyhe&edm=AMO9-JQAAAAA&ccb=7-5&oh=00_AfABfyS0aYzpT2Jq6zeoyrNddFmEC813mzBcN59FMWXezg&oe=65D4615E&_nc_sid=cc8940
cache-control: public, must-revalidate
x-robots-tag: noindex
x-amz-cf-id: TswMI1PpCQQyoWbIzGcVETBjMnu2e9QX00QhdOjqAETJlkqY0X9ALw==
content-length: 0
apigw-requestid: TaFwXjcDliAEP6Q=
expires: Tue, 20 Feb 2024 08:22:54 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.368/ Frame 8D5E 44 KB
17 KB 74ms
31ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.368/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/conversations-visitor/9194921/threads/utk/4d832c02183f45d393ef565599dadc6b?uuid=544085e2860a4c77b06256b6c4031925&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=winterthur.com&inApp53=false&messagesUtk=4d832c02183f45d393ef565599dadc6b&url=https%3A%2F%2Fwinterthur.com%2Fde%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://app.hubspot.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-amz-version-id: wWLMJ6qW0lXJfco2m026CzodYMop32jV
via: 1.1 218c6128df18321f9758e53ccc351448.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 2417383
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 11 Jul 2023 18:31:41 GMT
server: cloudflare
etag: W/"63ec2a77119dfb2ddcae56ab3a029230"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4d7DJjlJkirHhr4eXnaeDNrmEXr1E9QLC9pkHfuxBAwbt2itU9vrcZJjWmOCUcfyY7yYV3ef0HtLNgNemMHEKaAl9rZSXEDvpmm7%2BKxypG3OGYHNXLZRIKjI%2FvqI2Y4LjOkpa3XZz0PTUmf2muglDSjEUMA%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 8582eb852a141e66-FRA
x-amz-cf-id: DxkNEZjKUayxU8InGhLoy_8jikxFe9XhMqmBtrY_dRlz6ySp8JmDdg==
expires: Wed, 19 Feb 2025 01:19:12 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.17110/sass/ Frame 8D5E 19 KB
4 KB 76ms
32ms Stylesheet
text/css 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17110/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

405767448d618a7a326a509bf3c8484414ddf0f9518dad53f90794e7796bdde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-amz-version-id: 8JK3Qs8SBE2zTXCiSEFRAiP414rxQpaa
via: 1.1 b4f72de8ce5f3b4b4240eccfbd3d12a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 2198829
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Nov 2023 14:28:10 GMT
server: cloudflare
etag: W/"686ebda4c47b0bdb5d9460221c8036d1"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOow2YjveyUOTcTgZfZ3cA9jLF4ftK8JTpBtNOqdkXqgRODVKuLUnxOXygAY4S63NimFB8Aauwrb5wkZfZ1K37%2Faogzrw4TLyzfljNKKziN9oCivzmsSxfDZXjPTcO5sH88aLDWiMOlzl8GHxU8ZTKL5PAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 8582eb852b1f5d4d-FRA
x-amz-cf-id: FU0D1S82ezwWOpp3yINpKDXre8JzM3Z36daRfkbMnbR1SX8VairSBA==
expires: Wed, 19 Feb 2025 01:19:12 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.522/ Frame 8D5E 295 KB
94 KB 74ms
31ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.522/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59f6d8db6a6b4d9aa01991c751c30e4b6aef7a4197da21be7e61a41448c5ae69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://app.hubspot.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-amz-version-id: rKh51R63oxz5N3dfuB2VkIuksUjUA_yy
via: 1.1 debf5a1694fcb96cc13d895660321eda.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 1072770
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 Jan 2024 19:59:33 GMT
server: cloudflare
etag: W/"7625f1a8376f1cb513c308136c837d2d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FOVZf3%2F9Pn%2Ffkqsw676ANpHuroCdpgNs9kQvN4WhfjYepWezSvJIurB3VEi6LrnAYD5Bk4VBodUycrvujBlW8Ge1vnpKDmbuP%2F8mfl%2FEtgYgqN9ran3YAdtuDRxKp%2BxrUvYm3%2B5roDaCrEzwXekLX957yc%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 8582eb852a111e66-FRA
x-amz-cf-id: W_DA70Nr4C5RIbr0shoMZXnTFftkHS_8xzg3RsyKzac0_4-eIx_LnA==
expires: Wed, 19 Feb 2025 01:19:12 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17932/bundles/ Frame 8D5E 663 KB
197 KB 74ms
32ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17932/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80477f70c94c953cf712803b2ce220437bbd8b87e168020838a755dae5ff5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://app.hubspot.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-amz-version-id: vHBBj4.g1Yqhv2Chn83F6eNkqq6j0y0y
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 1277
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Feb 2024 14:00:55 GMT
server: cloudflare
etag: W/"bf6ab28701426bb5d3fcaf6e005e1e0c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCI4DTGcJOAdhXmtNKIsvtPTVXgpp7qy2L%2B4Jjd4jLFQff16OZBvz9DgwbPisj9nxz5OnwDIj1RupXw25Y900sN%2B37NtH9xg7o8WShJcf%2F6Zl4wxmP%2Bq2jmxXZow4JzH4ftnMV5Oe%2FWyAoZhiDdkqFGVGd4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 8582eb852a101e66-FRA
x-amz-cf-id: SBTsM7H4M78Jk4FlNb6wS7c8Y_m-uB8aoHZhkN9QdUMlwmUM7QZOQw==
expires: Wed, 19 Feb 2025 01:19:12 GMT

GET
H2 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17922/ Frame 8D5E 841 B
912 B 28ms
26ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17922/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17932/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

411efae901b962b3eeb4112ae0d1004c5da2aa0c34d5b35a57fb0dc0f044619d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://app.hubspot.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-amz-version-id: BtMat2i1TKYjHdvlby1A3ZtXnBj74Hmb
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 381960
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Feb 2024 16:00:59 GMT
server: cloudflare
etag: W/"3acab88f5e524a64246da2ebadbb1cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRKOPbozYm4E2j%2BT%2Fq%2Fs%2BPQW7HNLKzhbUWd%2BFSh4WbKh%2BOMxngbAvQNaNv3EvSW8jPOtoNhwV2HYZ8vUcO1YyZO%2BvOUdQwOrN2hYNWdSQpcePwq8JOoMK8z7TzUxjjOxPYuH%2F%2BbNjG0U9pIlmNfqWxvaskA%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 8582eb860a921e66-FRA
x-amz-cf-id: 3lKfGeOASJKAXffCuCOKVfQvj7oWSZU70I0uPJI5MpGGWUy7SJ59yQ==
expires: Wed, 19 Feb 2025 01:19:12 GMT

GET
H2 200 Logo_winterthur_switzerland-04c0c124.svg
winterthur.com/assets/images/e/ 5 KB
2 KB 52ms
52ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/e/Logo_winterthur_switzerland-04c0c124.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 6b3c0c659d02d1a5bf563a82fa025775198a8aaa678c5628b78e508b8080ee46

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
content-encoding: gzip
last-modified: Thu, 15 Feb 2024 00:29:27 GMT
server: nginx
etag: "13f0-61160b85b206b-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1983
expires: Thu, 21 Mar 2024 01:19:12 GMT

GET
H2 200 Logo_winterthur_switzerland-e3a5ada4.svg
winterthur.com/assets/images/b/ 5 KB
2 KB 41ms
41ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/b/Logo_winterthur_switzerland-e3a5ada4.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 999690f3bea5eb4c28401bb9191bf91eb41cd8e960ee1cdffb8db8da92f18eeb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 00:18:11 GMT
server: nginx
etag: "13f0-611243689cf9c-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1985
expires: Thu, 21 Mar 2024 01:19:12 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
710 B 136ms
136ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4158071004&v=1.1&a=9194921&pu=https%3A%2F%2Fwinterthur.com%2Fde%2F&t=Winterthur+Switzerland+-+House+of+Winterthur&cts=1708391952365&vi=6d9b538e9327c22112066f5e52b6ca95&nc=true&ce=false&pt=3&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4c22efd1-13d2-41ae-b1a0-195f18f88762
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4c22efd1-13d2-41ae-b1a0-195f18f88762
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yabzyqeZw6PD0W%2B26rZyquq7hHhus0Fnkyx46BVvBgFq%2BYIl02VOBRWlav2uxxW6B%2FInWP5B4m7AlFSaW%2F6mHYZ90%2FHIu5rjQqTJEGfW1ytIzm9BTXIr1VLvipfUrp%2F6jNtZLxkyqQRU21o88cP9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-qfmq5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8582eb865af04d94-FRA
x-robots-tag: none

GET
H2 200 conversations-visitor-ui-lang-de.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17922/ Frame 8D5E 15 KB
5 KB 31ms
31ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17922/conversations-visitor-ui-lang-de.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17932/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6845aeea7271fdd72329264bcb9b9e93a57d296628a15fe8713f47c6db117d87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://app.hubspot.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-amz-version-id: _BNOTsIf_5FlYcKghBKht0Yn54t_jXxh
via: 1.1 e221f111ed3ebc025b531e81056d37a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 4
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Feb 2024 16:00:58 GMT
server: cloudflare
etag: W/"2316106e55ed39c40aea076b41f7af28"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnZ%2FQ45mTuiCwqCzkKHQQzTtrrPe14wdipS9Nknwh%2Fx%2FwBL2g%2BgEF0y34yK72h8Xirm%2Fx1e%2Byb%2Fr1v%2F8fTP4qLdvtcsdfc2PHJiBO%2FOGRvWNL3%2B7uEqucKPYg4SKzoXkt2UrqdlY9Jz4CflyDAHIMuo262s%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 8582eb865ab51e66-FRA
x-amz-cf-id: OMynYAlkv7D_uHqtqxD0lhgb3rbPzmdDVI_6u6TWNsk90PNMnMacdQ==
expires: Wed, 19 Feb 2025 01:19:12 GMT

GET
H2 200 I18n-lang-de.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17922/ Frame 8D5E 845 B
1 KB 26ms
26ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17922/I18n-lang-de.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17932/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2119d647bc9f45a981d8fe57675a062a97e32533bd3cebd1b74cf3d6ea5fcb13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://app.hubspot.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-amz-version-id: GRGGIl4Gbw0mWREYSidfU2QLUjlOa_cX
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 381956
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Feb 2024 16:00:57 GMT
server: cloudflare
etag: W/"f07437b87f006bb2c4ca65280748acfb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2F48kJUe4rCrscRqhYOFauhhyxcw83gChUbObLfRu4iBJJOln31%2BqUP6qcSno1yvSfpZe5wpsTEVpLUGE70c4gU6NUVkKsXdY8qWmDxnzNgZ6a%2FSrRCxvFZ6nSwIP%2BFZt3qY9WS0gGPySlBjyE9a2S0QFkk%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 8582eb865ab61e66-FRA
x-amz-cf-id: L_VtKlakP7LcO3h3e4JujqcpOBygTaq-Jb3ATOgr2PmyNTJGtyG79A==
expires: Wed, 19 Feb 2025 01:19:12 GMT

GET
H2 200 i18n-data-data-locales-de.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.17922/ Frame 8D5E 2 KB
1 KB 30ms
30ms Script
application/javascript 2606:4700::6812:b05d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.17922/i18n-data-data-locales-de.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17932/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b05d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7427662cf66c0c076bd1aa91b5c3535be8d652a9ea9352600dc7e88f56de646e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://app.hubspot.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
x-amz-version-id: ZcYYz_A7D7eO8LzpbubHfJRZLRcHUw8e
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 381956
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 14 Feb 2024 16:00:59 GMT
server: cloudflare
etag: W/"b41120bc94cfbcf0b2a46b58a00fe4ce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYFDxmWq7MVAiNXNxPuae4PhEYvYcGvUXa%2FhWLmwUWQfZ4oIh208gVe98CCQk8Lan6jEpTNYKtV5cmbSJwhT5dxbAHrn5swrOfIiO8FZrNNQvs0FSVqvaJwjTQtBBGjrJ75mhRV8KIczW69QvnV6OHCCRqY%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 8582eb865ab71e66-FRA
x-amz-cf-id: tVZpzoWqE9uJKmao7k9DdxQVPEb6YHwDewjUSPNFk7xAfDhDJJhA-g==
expires: Wed, 19 Feb 2025 01:19:12 GMT

POST
H2 204 rhumb
app.hubspot.com/api/cartographer/v1/ Frame 8D5E 0
1 KB 145ms
145ms Ping
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.17932

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.17932/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Feb 2024 01:19:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b7e88901-0153-4bc4-bd40-d115d6ddc40c
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b7e88901-0153-4bc4-bd40-d115d6ddc40c
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7f4HjXZEnnhZGt%2FDbLFAdFJ2Y0mTDSgCyb8x4oj%2BM8Bi%2FJ%2B2kmDudlFGWWc0OYJuWdO6BhWFFCzl9u3g2kfqg6nviN7HZgFPGmLRHQTutqhTIFRTPU93CBq6tSUNzBMC%2FApyWaUBvTGfQu900g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-f7f4ffb8f-kzxzg
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8582eb86ab094d94-FRA
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Dpl-Correlation-Group-Id, X-HubSpot-Dpl-Parent-Log-Id
timing-allow-origin: *

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 32D5 28 B
50 B 35ms
35ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-Goog-Request-Time: 1708391953777
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.google.com/
X-YouTube-Client-Version: 1.20240213.01.00
X-YouTube-Time-Zone: Europe/Zurich
X-Goog-Visitor-Id: CgtRQzhqbjZZVWw3WSiP_M-uBjIKCgJDSBIEGgAgWw%3D%3D
X-YouTube-Ad-Signals: dt=1708391951473&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1140%2C641&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 20 Feb 2024 01:19:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 200 Logo_winterthur_switzerland-04c0c124.svg
winterthur.com/assets/images/e/ 5 KB
2 KB 20ms
19ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/e/Logo_winterthur_switzerland-04c0c124.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 6b3c0c659d02d1a5bf563a82fa025775198a8aaa678c5628b78e508b8080ee46

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:16 GMT
content-encoding: gzip
last-modified: Thu, 15 Feb 2024 00:29:27 GMT
server: nginx
etag: "13f0-61160b85b206b-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1983
expires: Thu, 21 Mar 2024 01:19:16 GMT

GET
H2 200 Logo_winterthur_switzerland-e3a5ada4.svg
winterthur.com/assets/images/b/ 5 KB
2 KB 23ms
23ms Image
image/svg+xml 46.231.200.190
ASN-METANET Routi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winterthur.com/assets/images/b/Logo_winterthur_switzerland-e3a5ada4.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 46.231.200.190 Zurich, Switzerland, ASN21069 (ASN-METANET Routingpeering issues: noc@metanet.ch, CH),
Reverse DNS: hosting.tso.ch
Software: nginx /
Resource Hash: 999690f3bea5eb4c28401bb9191bf91eb41cd8e960ee1cdffb8db8da92f18eeb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 01:19:16 GMT
content-encoding: gzip
last-modified: Mon, 12 Feb 2024 00:18:11 GMT
server: nginx
etag: "13f0-611243689cf9c-gzip"
vary: Accept-Encoding,Origin
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1985
expires: Thu, 21 Mar 2024 01:19:16 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Domain: fonts.gstatic.com
URL: https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Domain: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: UxjyO5RDYCY
.youtube.com/	1970-01-20 22:52:23	Name: VISITOR_INFO1_LIVE Value: QC8jn6YUl7Y
.winterthur.com/	1970-01-21 04:09:11	Name: _ga_KHK8PDQJZV Value: GS1.1.1708391951.1.0.1708391951.60.0.0
.winterthur.com/	1970-01-21 04:09:11	Name: _ga Value: GA1.2.1804087311.1708391952
.winterthur.com/	1970-01-20 18:34:38	Name: _gid Value: GA1.2.1569242104.1708391952
.winterthur.com/	1970-01-20 18:33:12	Name: _gat_UA-100570488-8 Value: 1
.hubspot.com/	1970-01-20 18:33:13	Name: __cf_bm Value: mM_IadwrU9A5EPTA6OYFVy.kWfJPZbnZpAho9McTWEI-1708391952-1.0-AQhgoDXjkyxbic18NAN7VCSh7cmZFaT0v98zmkhy1VHRrhD5ovCoZOVb1EqBz9imU8dOPM2CcPJHb/U8QJmxums=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 0SYqGNoSESiqg9jiIUr0aAkrYOrABQgU6kUkoFfq0m4-1708391952117-0.0-604800000

36 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://winterthur.com/de/(Line 1570) Message: Allow attribute will take precedence over 'allowfullscreen'.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/(Line 2189) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/(Line 2189) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/(Line 2228) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/(Line 2228) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.googletagmanager.com/gtag/js?id=G-R27XQF5LVW&cx=c&_slc=1 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://winterthur.com/de/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://plugins.flockler.com/embed/iframe/17159abba35059d6930d36c151dafd54/17c99bb329c0536ada95a26503b5197c Message: The resource https://fl-1.cdn.flockler.com/embed/embed-v2.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.flockler.app
api.hubspot.com
app.hubspot.com
external-fra5-2.xx.fbcdn.net
fl-1.cdn.flockler.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.usemessages.com
media-api.flockler.com
plugins.flockler.com
region1.analytics.google.com
scontent-fra3-1.xx.fbcdn.net
scontent-fra3-2.xx.fbcdn.net
scontent-fra5-1.xx.fbcdn.net
scontent-fra5-2.xx.fbcdn.net
scontent.cdninstagram.com
static.doubleclick.net
static.hsappstatic.net
stats-api.flockler.app
stats.g.doubleclick.net
track.hubspot.com
winterthur-event.ch
winterthur.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
fonts.gstatic.com
www.youtube.com
13.225.78.114
2001:4860:4802:34::36
2600:9000:20c3:7a00:1:1ee4:a40:93a1
2600:9000:225e:c200:1a:4777:d980:93a1
2600:9000:237d:2600:15:c796:3780:93a1
2600:9000:2491:5200:1a:1610:3ac0:93a1
2606:4700:4400::ac40:991b
2606:4700::6810:4eba
2606:4700::6810:bf59
2606:4700::6811:faa8
2606:4700::6812:b05d
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:803::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2016
2a00:1450:4001:829::2006
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f276:1c3:face:b00c:0:43fe
46.231.200.190
007b9aa4dc9940c38cc6036fa27744ceb8e48eed42ef3ac4829fe6caa1202c45
00f82510fc38c1d97a2d1ffc9741f063c2c24a6358fd357f52dca89892c8778d
0277f527788175164ede55f48d4271b9b0663a54b72b21e6ee5c14a2add963b5
055afb25b1bf6f9820aa6a562cc8ed2688693e1026549aca2272090f8bbf84fd
05e4b076afe7acb75c319321adca031258042575398196e52ee10af56d37536f
12d6c218fe8a300ee98d6acb85ebfd9d08d53b4febc4f1571d8a900c8fdeae2b
13a39634396af1deac84d96472cee0e42b227db13946e5e84eeb4440e34d1b49
15da0333da024365f065c44b1861355fac0211292dd57a0bb5f482ebcd166f4b
2119d647bc9f45a981d8fe57675a062a97e32533bd3cebd1b74cf3d6ea5fcb13
23b809f5974a53909a4a9f5c1ad4a90757697b00143cb7da4dcd226b478fc85c
25e02096bcb10848413baec193a86983995a78b60a04bf28830911e37062278c
2803b18ce07ffc6fe5c507a94164a7cbd80120c2a13fd0e57fa352e2a3d554af
2a6a3186dc876a2b4bc9fe3b375f7d37d51aa1c8ac3f8819cd51b00475a6f9b0
30a8e4002e91934de3dce201ae5fb905289e22d01bfdc173dea7a4d321bfd005
329eba2ea07aa894509e990ca7a2b11765d386135beda3827e63e54c0f6a71d5
382cd5166adfa5e843796310848599d1b053797d206d26e33044465c3ca899ce
39c5d1ed54e49102939d0280aeb20f01ef021bf5ffa74dc25fcafb43fce62ff3
3a3172b01ced74fd7589eb5dc59fffc7f36942120aa6bcffbe65b9e300357e92
3ba20842bc686bf0737ae9db6d0162d8df73781bddb2f65494a2f93f3e480b57
3d0cb0d3fdd3b5d367bc257582f488104eec50a8003a3241f07de4b121a68203
3dcf421fddabea5e40e1db046ac9e993a3c67c0ade4af67cf1d7b00be321ec24
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e25ccb231e522e36bd9e4fb569c327b5c9f5665c7fe66ab2504fb64fff349c6
405767448d618a7a326a509bf3c8484414ddf0f9518dad53f90794e7796bdde8
411efae901b962b3eeb4112ae0d1004c5da2aa0c34d5b35a57fb0dc0f044619d
463d6c4e1e1ca78645a28d1cce638ccf31273ae17ee786fd4a7b33ee1979570e
46e86068178794bda0bdb8bd9e78217a13d86553f01115fcb549cc50ba844062
4e7a2860de63d551f34de7a617c713e8f4d3e8937e35fd2b62b1f8e8d783e6ee
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
58b47872d76a1a7410192d142d09a21932938fcff1f8564d248d53d510ca4edb
59f6d8db6a6b4d9aa01991c751c30e4b6aef7a4197da21be7e61a41448c5ae69
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e7d1261a5c6a2d85b01cdba390614c8ecc370fdaa38b45fdb100934b942afc2
603fb54886912237fddacf25c3e631ab60dc82cc56b56c2c4d2ff49f49d4a2bc
64e22b7ab1fdd353a1a08b86f2df85dc70f49d7bf5e8b449be6fa3d099a8e35c
6551bd43824406c3af0c0ea4b60aec0dbc816857a85f115948ae475a8fccfc58
67a2ef843448fd18bbff44f59c6347d9ac79b757722a14988efbc9210a02e0a4
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6845aeea7271fdd72329264bcb9b9e93a57d296628a15fe8713f47c6db117d87
6b3c0c659d02d1a5bf563a82fa025775198a8aaa678c5628b78e508b8080ee46
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c17ce2f539969b2bb5137b9218d4ae4d3e113587999aa949d994dcde1f91f13
6d5768ebfbbe4754cda8f077aa765f5b0f462e1dc7e2937f48c44b9c390bb527
6f17fdb45a0c68fc471e5f45aed588768e97dc0242ea75ce4d4be96a70efc9df
6fe04cc16e4da41a7438043be893b3999fdf5a80d96de925f19d52a8f1a0b190
71860dfb9583c313d757437483894d70ffca9405fc373d6919c73516f37dd95b
7427662cf66c0c076bd1aa91b5c3535be8d652a9ea9352600dc7e88f56de646e
808fe531c6e9695d82459cfada6e511f6042900d39f5f01d9149bddd5b178ab7
824911724acf33ecf4f68e3f2a3a40e8a8a2900456eb7141de0d0e65fdd265ba
839ed22d92bdccec42b7df6db855650db311a481aacdda1c5221706f89385dbb
8421a2a9cd692523add6259df2a919cf17e1f480b5d048ba34fe6b714e93cdaa
8b5e61e07a160f7756179994a2db653c60f8e62e784d0a2e2bf2436e9069b80e
90d0b15bf00752cb624b1bd82eb8884633c89ac4d54f9f069c89195175916c2f
91fc9e35d78acffef6862406294559ad59ca8c94400bbbea87ae5f26efdb60a8
995d911b164843c6c2eb0a86d028f14e5d08971da5b51681b60f478bd781d8f7
999690f3bea5eb4c28401bb9191bf91eb41cd8e960ee1cdffb8db8da92f18eeb
9c404a6bdc894bcff014a94189321d8722c3c5a4273a0ddee7eb2d01680c03e1
9cc2fab0ed2ba7fa303a444cb05e6cd2a26bcbb0e69d6fdd5f149df02467154f
9d7cf625a0c4138f704ff1c7a396205e31080f517891d04d672628ba8a3c1861
a28dd4cfe8632282c36afcc7751b82fce0e41e414fab274c6ff65962b43c6dfa
a625134502f8fae2ae5f7d003418199f4dce50c1c63b89178f95455e87b9b1e5
adb0e74d3179802bb946d3487d460e61a98cdddfc16528a27fedb74e7f01de99
b1d2b57c4cc6dddac218204fb58256abbe0fc42302a1ae8d4fb505ef75f6f2ef
b3810eec60b497648ae3e2790e5c1178cd6c179f0de83975b165e295df2d0493
b4cc378621eebcf1a0bd676ddb79323607aa5d4e5b4330dcfbe5b593b4118217
b82ecc39937f2a933a2306ea967d87333ee9a6a67e03788201927c1467ec4bfa
bc828c3b65298718150f602e677cfedd7f4b3af5a271fccd641b8f06d082773c
c0064709b53f140dbbdebfe1b5fd2f6d0e1a65a818cf66bbe7ec657598cdb688
c01cf3910e58c009f6774db999e6f6ca451f09e4206cb8c88e8d9224d4b57fc9
c16d053dfd33fa8404fa522de0f2be81622ce0c3eb7deb8088a49c8ec45121a4
c1923ab7c1ee44da0c91fac0b206a82f45553b13f91dbd1fff8b6bdd90e1d519
c35a245f0be517e3bfd57278300abb58f2b367d3598048cb0c3edc1105cedf3a
c54cc923c53a3ae7b6125d87d732de9f27cfc7b603b92b52f0d796022c5b82ea
c69ed412de52f0b0e4eabc487f093403bbbc1d8f696034b78d6c75c204f60cac
caf5923b8dd6d7465690aee71c86bb3e3a6966010be0ab236118e992b499fc2d
cb263439edf30551f985827ca0f5c11710a1a0060aba81a8b4e11bd9f85e81dc
d3392bf20045832b864377d90961d6d34e066c0dc3098bf9585e2fabed40283c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc877dded5a6b7a7ddb2a493cd735de9b5a418b0ce2ba20497666e2778b5b706
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4df46a6d431a7d08afa9380cd395065e165c00fd3ae22c2ed4c22709a494ab
e11e925b2b99903d54881e76720976d1ba30e6b0300559248f829e580034895e
e3084d9ad88bc192de5a89d9c19ab4f549901db38d296c7aa02731ccfaca79a2
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e13eb85aa1918ca89f5375aa00cef75d64445ac78b3c258a1f3da00365cf40
e80477f70c94c953cf712803b2ce220437bbd8b87e168020838a755dae5ff5ec
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee5082b3d02bc225d021aa9e99ead0dce1bc91289269fd66ac679d3ba36ab8dd
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc6f3ca8d5471179b7e764907866589c5d275b02e775d0491cb55e5430f7545
f01557338618032766d6a32f838968bb1b52e1a1f370caa7937704a7fc5134b7
f0d1abb081d619f809b6adf54539335cc8dfe5102cab05cca85b9c35aa35bea7
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f5781d06ed480e6b542359b341c8a993e01a560d91f82cf04f0f757d0c85f78c
fab62a8b2cbe29c2089fc8691bf581417e00814d956cce49a4184647d2364a34
fb5378a30ee4ccb9328aa91047d7204296a91f04f7431d78fe83765f420d5acc

winterthur.com Open in urlscan Pro 46.231.200.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

85 %HTTPS

94 %IPv6

22 Domains

36 Subdomains

33 IPs

4 Countries

5645 kBTransfer

11469 kBSize

8 Cookies

16 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

winterthur.com Open in urlscan Pro
46.231.200.190 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

85 %
HTTPS

94 %
IPv6

22
Domains

36
Subdomains

33
IPs

4
Countries

5645 kB
Transfer

11469 kB
Size

8
Cookies

118 HTTP transactions
2 data transactions